Cyber-crooks have re-walleted a whole lotta crypto since the start of 2017…
About $1.2 billion in cryptocurrencies has been stolen since the beginning of 2017, according to estimates from the non-profit Anti-Phishing Working Group (APWG) released on Thursday. The figure, part of the non-profit group’s research on cryptocurrency sector, were based on estimates of reported and unreported thefts.
Dave Jevans, APWG’s chair – and CEO of CryptoSec outfit CipherTrace – told Reuters that “One problem that we’re seeing in addition to the criminal activity like drug trafficking and money laundering using cryptocurrencies is the theft of these tokens by bad guys”. Of that massive $1.2 billion figure, the group estimates that something under 20% has been returned, with law enforcement struggling to track-down the perpetrators.
Their observations also come with the observation that the group’s work – and the work of other infosec-focused teams like it, will be hindered by the EU’s new General Data Protection Regulation (GDPR) going forward. That new set of rules for handling personal data will take effect on Friday.
“GDPR will negatively impact the overall security of the internet and will also inadvertently aid cybercriminals,” Jevans continued. “By restricting access to critical information, the new law will significantly hinder investigations into cybercrime, cryptocurrency theft, phishing, ransomware, malware, fraud and crypto-jacking”.
Chief among the problems going forward, is that GDPR will mean a significant curtailing of the amount of information available from WHOIS, which currently holds and makes available the names, addresses and email addresses of those who register domain names for websites.
The APWG chairman’s rather foreboding message?
“So what we’re going to see is that not only the European market goes dark for all of us; so all the bad guys will flow to Europe because you can actually access the world from Europe and there’s no way you can get the data anymore,” Jevans said.