Where attacks threaten and how to protect yourself

The fear is great: A cyber war is looming between Russia and the West. Politicians, experts and authorities are alarmed. Just last week, US President Joe Biden warned of Russian cyber attacks: “They will come.” The cybersecurity industry is in turmoil. There is “more fear than ever before,” explained expert Jonathan Reiber at a conference in March. The crypto world is also a battleground in this cyber war.

Hacks have rocked the space for years. Centralized crypto exchanges and decentralized finance (DeFi) service providers are particularly vulnerable. Data service provider Chainalysis estimates that over $12 billion in cryptocurrencies were stolen by hackers there in 2021 alone. And today, March 30, 2022, hackers stole over $600 million from the blockchain game’s log Axe Infinity from that. It was the worst hack ever in the DeFi space. Which targets could be targeted by hackers in a cyber war between the West and Russia? How great is the risk for small investors – and what is the best way to protect themselves?

Shortly after Russia’s invasion of Ukraine began, the hacker collective Anonymous declared cyberwar on the Kremlin. It attacked Russian state media such as Russia Today and Russ.ru, shutting down their websites and displaying anti-war messages. Two weeks ago, Anonymous stole 20 terabytes of data from a German subsidiary of the Russian energy company Rosneft. Concerns about imminent retaliatory strikes are growing.

Russian hackers steal BTC

Because in the course of these attacks, one of the most notorious Russian hacker groups declared its “full solidarity” with Moscow. Her name is Conti. The FBI counts over 400 attacks on US companies alone, some on critical infrastructure. The Russian hackers from “Conti” also use sophisticated computer viruses, so-called Trojans, to steal user data – and BTC.

Over 65,000 are in the war chest of their leaked crypto wallet, which is equivalent to more than two billion US dollars. The company Chainalysis has been tracking hackers and money launderers in the crypto space since 2014 and estimates that more than 700 million US dollars have been laundered in Moscow with these stolen Bitcoins in the last three years.

In a war with such severe economic implications, DeFi service providers’ crypto exchanges and protocols could soon become honeypots for the hackers, Modulus CEO Richard Gardner tells BTC-ECHO. His company has been developing software for financial service providers such as NASDAQ since 1997, including security tools. “They break in there and steal what they need to fund the war.” North Korean hackers have been doing this for a number of years. They, too, are stepping up their activities according to the latest reports from US cybersecurity firms.

Anonymous may soon target crypto exchanges and DeFi protocols serving Russian operations. Russian hackers, in turn, could target crypto exchanges that route crypto donations to Ukraine, Gardner said. To date, nearly $100 million in donations have been raised in this way.

Cyber ​​War and the Aftermath

Betsy Bevilacqua, chief of cybersecurity at Chainalysis, warns of possible “collateral damage” in hacking attacks on Ukraine. “That’s my biggest concern,” she tells BTC-ECHO. “We saw something like this before in 2017. At that time, hackers attributed to Russia attacked Ukraine’s financial system with a Trojan. However, the malware quickly spread worldwide and caused global damage of around ten billion US dollars – one of the most destructive cyber attacks in history.”

Both experts agree: the exchanges and DeFi service providers should be on high alert in the coming months. And also the users. “If you are personally involved in cryptocurrencies, you should rather use a hardware wallet,” recommends Richard Gardner. Such hardware wallets are physical devices on which cryptocurrencies are stored, often USB sticks. They cost a few hundred euros and are relatively easy to set up.

The difference to other forms of storage: Hardware wallets are not permanently connected to the Internet, so they are considered “cold”. This guarantees the highest possible security compared to a classic private wallet or storage on crypto exchanges and in DeFi protocols. These are vulnerable to hacks and phishing attacks.