News

$196M Lost in BitMart Hack, Crypto Analysts Warn More Will Come

Richard Marley
December 07, 2021
3 minutes read
2218

BitMart, one of the world’s largest cryptocurrency exchanges, lost $196 million in a recent hack due to ineffective compliance infrastructure.

Crypto analysts have warned that cryptocurrency technologies have made it easier for fraudsters to hide their tracks after successfully stealing $196 million from crypto exchange “BitMart”.

The exchange is the world’s 118th largest cryptocurrency provider, based on client traffic, trading volumes, liquidity, and customer trust. However, BitMart customers’ confidence has shattered after the exchange announced it had fallen prey to cybercriminals.

“We have identified a large-scale security breach related to one of our [ethereum] hot wallets and one of our [Binance] hot wallets today,” BitMart confirmed in a statement on Saturday. “At this moment we are still concluding the possible methods used.”

The cryptocurrency exchange estimated that masterminds of the multi-million dollar hack had fled with nearly $150 million in digital currency. However, blockchain security experts later pointed out that the theft was around $196 million.

The crypto heist was first noticed by the cyber experts when an unusual flow of $10 million was detected from exchange to an anonymous address. BitMart stated that the hack had only affected “a small percentage of assets on BitMart and all of our other wallets are secure and unharmed.”

“We are now conducting a thorough security review and we will post updates as we progress,” BitMart added. “At this moment we are temporarily suspending withdrawals until further notice.”

It’s ambiguous how the hackers broke into BitMart. However, the security companies said that the cybercriminals used the transfer-out, swap, and wash approaches to overcome the risk of getting traced. The cybersecurity analyst also stated that due to insufficient infrastructure criminals are able to easily hack into crypto exchanges for their financial gains.

“The technology underpinning cryptocurrencies makes it far too easy to steal large sums of money, often leaving little or no trace as to where the money has gone or who has stolen it,” Jake Moore, cybersecurity specialist at ESET. “Sending funds to an ethereum mixing service is common for those wanting to evade being followed by the authorities, so better initial prevention for those with digital funds is vital to help mitigate this growing trend.”

“Users can add layers of protection such as 2FA and remain on guard against cleverly targeted phishing emails but crypto exchanges could potentially add extra layers of security when money is requested. Multiple verification techniques over certain amounts of money can slow thieves down and potentially reduce or even prevent the money from being taken”, Jake said.

BitMart was warned before this hack that cybercriminals can take over the security systems due to the absence of Know Your Customer (KYC) practice, thus making it difficult for the regulatory bodies to track down criminals.

Therefore, financial regulators across the globe are now determined to come up with more strict laws and policies to halt the usage of digital currencies in financial crimes.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
FATF and EU Delist Bahamas from AML Blacklist
European Union has finally removed Bahamas from its AML blacklist, right after FATF has delisted the country from the grey list.

The European Union implemented a new regulation on 7 January to amend the EU AML blacklist, including removing the Bahamas, just a few days after it was delisted from the FATF’s (Financial Action Task Force) grey list as it has some shortcoming in its anti-money laundering defense framework.

The Office of the Attorney General said in a statement that “the FATF congratulated The Bahamas for the ‘significant progress’ it has made in improving its AML/CFT/CFP regime”.

The Bahamas has been delisted from the EU anti-money laundering (AML) blacklist, Attorney General Ryan Pinder announced today.

— Nassau Guardian (@GuardianNassau) January 12, 2022

“The Bahamas has strengthened the effectiveness of its AML/CFT system and addressed related technical deficiencies to meet the commitments in its action plan and remedy the strategic deficiencies identified by the FATF in October 2018. The Bahamas is therefore no longer subject to the FATF’s increased monitoring process. The Bahamas will continue to work with CFATF to improve further its AML/CFT regime.” FATF added.

On 11 January OAG (Office of the Attorney-General), while providing additional details on EU delisting the country from AML blacklist said: “This favorable outcome of the many months of engagement is a welcomed one and comes almost 12 months after the Financial Action Task Force (FATF) delisted The Bahamas on the 18th of December 2020 from its List of Jurisdictions Under Increased Monitoring (FATF’s Grey List). The Bahamas will continue to work with European Union and all international partners as we seek to maintain our AML/CFT/CFP regime on par with international agreed measures which safeguard the global financial system.”

Financial watchdog also acknowledged and paid thanks to collaborate teams including National Identified Risk Framework Coordinator, Dr. Cassandra Nottage, the member of International Legal Cooperation and Compliance Units of the OAG and DG FISMA team, for this desired conclusion to the EU AML Review Process.

Suggested Read: EU Removes Iraq From List of High-Risk Money Laundering Countries

Recent Posts

Blog
Metaverse and Meta Criminals - Is it Possible to Secure Identities with IDV?
Ever since Mark Zuckerberg changed Facebook’s name to Meta, the acronym “metaverse” has taken over the whole internet, and is now part of global headlines. However, the concept of the metaverse is not new. This term first appeared back in 1992 in the sci-fi novel “Snow Crash”. In addition to this, metaverse has been a crucial element in the gaming world. Games like Minecraft and Fortnite were among the initial versions of metaverse. This allows people to virtually interact and expand real-life reality through AR.

The development of metaverse is directly related to the advent of blockchain technology, virtual assets, and digital currencies. Being powered by blockchain, it is enabling the payment gateway for services like fiat currencies, but in a virtual ecosystem. Due to this, the assets can be tokenized and stored on a blockchain ledger digitally. Nonetheless, the rise of the metaverse is skyrocketing the risk of crimes. Thus, identity verification solutions could be considered a viable option to secure meta. However, as the metaverse ecosystem expands, more online opportunities will emerge where people can interact in multi-dimensional instead of just seeing digital content.

Understanding the Concept of Metaverse

Facebook defines metaverse as a virtual space where people can establish and interact with other people who are present in different physical spaces. Though the potential of metaverse technology is not yet globally recognized, it is forecasted that sooner or later it will become mainstream where people will work, learn, create, play shop and explore in a virtual environment. However, the CEO of Facebook has been talking about meta for a while, but back on October 17, 2021, an official press release was published, in which a new trend of interconnecting people virtually through augmented reality technology. With this, the interaction can provide an experience closer to meeting people physically.

Due to the exceptional capabilities of connecting people, virtual is making metaverse grow substantially as individuals and businesses are investing millions and billions of dollars to become part of the metacommunity as it will be the next big thing in this digitized world. Metaverse is also considered the next stage in internet development. Facebook is investing heavily in VR and AR devices, as it has launched Oculus VR headsets. While AR glasses and wristband tech tools are in the development phase. Other than Facebook, other technology firms are also stepping into virtual reality, futuristic glasses and concepts like this are making hype and dragging people into realities that don’t exist now. Other than VR, AR devices have also spiked in recent years.

Metaverse – New Emerging Crime Source?

No doubt, metaverse has come up with new opportunities for businesses to enter the virtual world. This has made companies, individuals, and investors spend millions and billions on digital assets. The rapid inflow of capital and absence of strict regulation has made this innovation hub of scams and cybercrimes. According to cybersecurity analysts, metaverse holds great potential for scams and other emerging crimes, without having any precautionary measures. Among various types, romance or dating scams are significantly increasing. In this, the cybercriminals trick out and fantasize about spending money or providing financial information from people present in virtual spaces.

In addition to this, the metaverse depends on cryptocurrency payments and digital assets that further rely on blockchain distributed ledger, which paves new ways to scam people. Smart contracts are also becoming vulnerable as they are pieces of code on the blockchain ledger that automatically process when certain conditions are fulfilled. Due to this, cyberattackers are directed towards smart contracts. However, in writing, smart contract providers ensure that customers will receive virtual assets like NFT, once payment is made. But fraudsters are deliberately exploiting by deploying bogus smart contracts that appear legit in ads but are scams in reality.

People’s Bank of China to Monitor Metaverse

Keeping in mind, the adverse consequences of metaverse scams, the director of the AML unit at People’s Bank of China (PBoC), proposed that the underlying crackdown on digital currencies could expand to metaverse as well, as cryptocurrencies and meta are ranked as risk assets, therefore law enforce authorities will keep strict vigilance on the evolution of these new emerging assets.

“As virtual assets, especially virtual currencies, pose increasingly serious challenges to national currency sovereignty, anti-fraud, anti-money laundering, and anti-terrorist financing, international organizations and governments are strengthening the supervision of virtual assets,” said the director.

In addition to this, according to PBoC representatives, metaverse and crypto investment remains anonymous due to their decentralized nature. This government initiative aims to reduce the risk of illicit crowd-funding, tax evasion, money laundering, and other financial crimes.

Legal Issues Related to Metaverse Content

After increased cybercriminal activities, the next emerging issue is related to false claims on the metaverse content. Thus, these claims come under three categories, which are;

1. Copyright

The Copyright Act secures the creator from third parties replicating their content. Particularly, there is a term “fair use” that protects copying based on certain factors, but in reality, it comes down to judge or jury orders, whether they think it is fair or not. However, in a metaverse ecosystem that incorporates cityscapes, the owner can claim copyrights for such use. In addition to this, if an individual entity inputs copyrighted content into the metaverse, only the respective customer will be liable for the actions, not the company, as the business interests are secured under Digital Millennium Copyright Act (DMCA).

2. Trademark

Trademark laws and standards secure the internet of genuine content creators against the illegal or unpermitted use of trademarks in a way to make customers believe that the trademark owner is either source of content or endorsing goods. The same goes for metaverse companies, if businesses use someone else trademarks and appear to be legit businesses are held liable for actions. Under the Federal Trademark Anti-Dilution Act, national brands are permitted to sue if their trademark is advertised or branded by other businesses. Thus, metaverse companies need to be wise enough not to include brand images into their advertisements, like scheme teasers, etc.

3. Right of Publicity

The rights of publicity is another major legal issue that the metaverse industry is struggling to cope with. Usually, the metaverse companies use names, likenesses, and voices of celebrities as well as individuals without their consent or acknowledgment. However, the set of standards for lawsuits varies region-wise. Other than this, using third-party persons in metaverse products could also be considered unlawful. To secure the rights of publicity, the Communications Decency Act is established.

How Shufti Pro Can Help

As criminal activities are increasing and metaverse is being exploited, companies need to enhance cybersecurity systems. Like other businesses, trust is a crucial factor for growth. This can only be accomplished by onboarding legit investors. However, conventional ways of securing business interest are incompetent to fight sophisticated criminals that are using tech-driven tools to manipulate this industry. In addition to this, determining the originality or metaverse product is also becoming quite difficult. Hence, reducing scams and onboarding legitimate customers is only possible through digital identity verification solutions.

Shufti Pro’s robust identity verification services are an ideal solution for metaverse companies as they can precisely determine the true identities of investors and categorize them according to risk level. AI-powered AML screening service also verifies customers against 1700+ global watchlists with 98.67% in less than a second.

Want to know more about identity verification services? Get in touch with experts!

Talk to us

$196M Lost in BitMart Hack, Crypto Analysts Warn More Will Come

Understanding the Concept of Metaverse

Metaverse – New Emerging Crime Source?

People’s Bank of China to Monitor Metaverse

Legal Issues Related to Metaverse Content

1. Copyright

2. Trademark

3. Right of Publicity

How Shufti Pro Can Help

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.