Author

Topic: More than 10 percent of $3.7 billion raised in ICOs has been stolen: Ernst & You (Read 319 times)

sr. member
Activity: 378
Merit: 278
Bitcoin :open immutable decentralized global fair
Great article.

Very valuable post, thank you Hydrogen.

When will people learn and realize? Altcoins are known as "scamcoins" for a reason - they will die a relative death. Bitcoin will prevail.
Bitcoin's blockchain is the only unique one to provide the most security in a decentralized, global, incentivized fashion.

Bitcoin's price will be at the very least more than 4 times (400%) of todays price in 5 years.

Bitcoin's lightning network is emerging where fees will be tiny and cross-chain atomic swaps for decentralized exchange.

Governments and laws are controlled by the central banks. Bitcoin is an anti-establishment revolution that has already solidified itself worldwide.

Bitcoin cannot be controlled. It cannot be banned. It cannot be made illegal. And conversely it cannot be legalized. It just simply is. And people can always use it.

Those trying to undermine and manipulate bitcoin stem from the central bank system around the world;
-the central banks dictate policy to all the operating big banks around the world and have essentially tried their best to ban bitcoin related transactions for more than four years straight, ever since 2013, and have failed at stopping bitcoin's growth, adoption, and popularity
-the central banks fund efforts to undermine bitcoin, providing plenty of capital and liquidity to private companies and venture backed groups such as Digital Currency Group (they own Coinbase, GDAX, Kraken, Bitpay, and media outlet Coindesk) and also Roger Ver/Bitmain to undermine and break the bitcoin protocol and/or manipulate trade

Above are just small examples.

First, educate yourself and then others. Please checkout the link to the bitcointalk post in my signature titled: How to teach Bitcoin to a 7 year old.

Bitcoin is a secure, decentralized, trustless and open system which cannot be banned nor controlled.
 
Bitcoin is ultimate store of value and its popularity has strengthened over time and maximizes value compared to any other altcoin...why?:
If it can be shutdown, and have assets frozen by a bank or government, there would be no value
If it wasn't secure, there would be no value.
If it wasn't immutable, there would be no value.
If it wasn't globally distributed, there would be no value.
If it wasn't so strong, open-source decentralized and unstoppable, there would be no value.
If it wasn't so scarce, there would be no value.
If it was easy to spam transactions, there would be no value
If it required a central 3rd party to function, there would be no value
If it was stopped after all major banks on Earth banned in 2013 to today, there would be no value. (say "bitcoin" when transacting and watch the block of the transaction. simple fix=never mention "bitcoin").
If it didn't have the history of 8+ years (and still no hacker can exploit bitcoin blockchain), there would be no value
Bitcoin is on the verge of lightning network release rendering altcoins as only backup plan options if not dead.
If it was exactly like fiat and only did transactions, there would be no value.

Bitcoin's value is worth hundreds of billions USD today. Altcoins however are scams, weak, pyramid schemes not offering these values.

Bitcoin has all the characteristics needed combined to hold the most value and increasing more than any other financial-asset option coming from the manipulated fiat central-banking debt-system. (more than stocks, more than houses, more than gold)
newbie
Activity: 79
Merit: 0
that is very worrying. $ 400 million is a lot of money. how to solve the problems that are happening this? i can not think of this. so difficult and very far beyond my thinking ability
sr. member
Activity: 840
Merit: 254
bloody hell. i never thought that something like this is still possible to achieve nowadays. if this is true, then i agree with you op. we should have just dedicated more into studying how to be a great hacker. damn. this sht is really crazy. just think of how big that money is! that could make you retire and like like a damn king in some countries! but still, doing something like this will only lead bad karma to anyone who does it. yes, i believe in both good and bad karma. don't wanna talk about it. but seriously though, another great point is that ICOs nowadays really are mostly sh*t. now i really regret not being active here a year ago. never should've listened to all the fuds back then, i would've earned a lot had i not stopped reading here earlier last year when most of the time the ICOs were great :/
And this is only the beginning, supposedly we are some of people that have the most knowledge about technology and that is why we are in bitcoin and yet the results are self evident, what do you think it is going to happen when your average Joe begins to invest in crypto, he is going to lose all his money as well, this is why I think that we are going to eventually see bitcoin banks since people will keep on losing their coins.
full member
Activity: 182
Merit: 101
X-Block.io
bloody hell. i never thought that something like this is still possible to achieve nowadays. if this is true, then i agree with you op. we should have just dedicated more into studying how to be a great hacker. damn. this sht is really crazy. just think of how big that money is! that could make you retire and like like a damn king in some countries! but still, doing something like this will only lead bad karma to anyone who does it. yes, i believe in both good and bad karma. don't wanna talk about it. but seriously though, another great point is that ICOs nowadays really are mostly sh*t. now i really regret not being active here a year ago. never should've listened to all the fuds back then, i would've earned a lot had i not stopped reading here earlier last year when most of the time the ICOs were great :/

$400million isn't enough to live like a king in all countries?!?! ICOs are easy targets for hackers as they're often lax in their security, more established places will have better security in place. Right now as you said a lot of ICOs aren't great but it means the rewards if you can find the good ones can be even greater.
sr. member
Activity: 882
Merit: 403
bloody hell. i never thought that something like this is still possible to achieve nowadays. if this is true, then i agree with you op. we should have just dedicated more into studying how to be a great hacker. damn. this sht is really crazy. just think of how big that money is! that could make you retire and like like a damn king in some countries! but still, doing something like this will only lead bad karma to anyone who does it. yes, i believe in both good and bad karma. don't wanna talk about it. but seriously though, another great point is that ICOs nowadays really are mostly sh*t. now i really regret not being active here a year ago. never should've listened to all the fuds back then, i would've earned a lot had i not stopped reading here earlier last year when most of the time the ICOs were great :/
full member
Activity: 448
Merit: 110
The salient points raised in the news article are some of the reasons why I partly support government regulation of these ICOs. The system is just so messed up with individuals and groups who have no business doing ICOs in the first place. There are many ICO projects out there that do not need the amount there are trying to raise.

the same as what is happening in the forum. A lot of scammers and some nonesense services which they say its free but later on will ask for money. Good thing we have also a growing number of forum "cops". I think these should also be the same around the web in terms of catching these websites, As a common user we have tendency to neglict and just ignore as long as we are not scammed. But i hope we would also at least bring them to spotlight and take actions against them. Because 3.7B is quite high for just annonymous deals.
I appreciate some ongoing efforts by the admin to rid the forum of scammers and fraudulent services especially the recently introduced merit system.

Meanwhile, as long as folks keep exposing, for example posting their private keys in sign up forms and making themselves vunerable to attacks, the $3.7 billion figure will
increase to another startling amount.
newbie
Activity: 109
Merit: 0
Quote
NEW YORK (Reuters) - More than 10 percent of funds raised through “initial coin offerings” are lost or stolen in hacker attacks, according to new research by Ernst & Young that delves into the risks of investing in cryptocurrency projects online.

The professional services firm analyzed more than 372 ICOs, in which new digital currencies are distributed to buyers, and found that roughly $400 million of the total $3.7 billion funds raised to date had been stolen, according to research published on Monday.

Phishing was the most widely used hacking technique for ICOs, with hackers stealing up to $1.5 million in ICO proceeds per month, according to the report.

The research also noted that the volume of ICOs has been slowing since late 2017. Less than 25 percent of ICOs reached their target in November, compared with 90 percent in June.

The study comes amid a cryptocurrency investing craze, with young companies raising hundreds of millions of dollars online to fund their projects, with often little more than a handful of employees and a business plan outlined in a so-called “white paper”.

The challenges faced by more recent ICOs in reaching their targets are partly attributable to the lower quality of projects, as well as issues that have emerged around earlier projects, said Paul Brody, global innovation leader for blockchain technology at Ernst & Young (EY).

“The volume just exploded, people raised their fundraising goals and the quality just dropped,” Brody said in an interview.

“We were shocked by the quality of some of the white papers, we see clear coding errors and we see conflicts of interest between the companies issuing tokens and the community of token holders.”

In ICOs companies typically raise money to build new technology platforms or to fund businesses that use cryptocurrencies, also called tokens, and blockchain, the software that underpins them. Yet for many of these projects the need for blockchain and cryptocurrencies is often unjustified, according to EY.

It also noted valuations of ICO tokens are often driven by “fear of missing out”, or “FOMO”, and have no connection to market fundamentals such as project development. EY said “FOMO” has led investors to pour money into ICOs at record speeds, with the 10 shortest lasting ICOs attracting $300,000 per second on average.

The study also found several instances in which the underlying software code of a project contained hidden investment terms that had not been disclosed, or contradicted previous disclosures. For example, a whitepaper might state that there will be no further issuance of a cryptocurrency, while the code might leave that option open.

https://www.reuters.com/article/us-ico-ernst-young/more-than-10-percent-of-3-7-billion-raised-in-icos-has-been-stolen-ernst-young-idUSKBN1FB1MZ

Its hard to believe phishing is still a valid attack, much less the most successful attack vector utilized to steal money from ICO's.

(I wonder if some of the more shady ICO's raise money, then steal it from themselves to generate income.  Cheesy Cheesy Cheesy)

$400 million is a lot of money. Seems like it pays to be a hacker these days. I should have studied harder to be a hacker in school.


It's very possible that some of these projects hacked themselves to steal investors money or as a sympathy scam of sorts.  It's very odd to sabotage your own project in this way when you've already profited so much, but that's the way she goes sometimes.  It is worth noting that these guys are probably not as well versed as they should be in cybersecurity, which could lead to more hacks.
sr. member
Activity: 840
Merit: 254
Phishing attacks are getting more sophisticated and people are negligible their security.

According to Google, only 10% are using some kind of 2FA. I guess in crypto community the percentage is higher, but still this is one of the main reason phishing attacks to be successful.
This is really surprising, what I mean is people are investing millions of dollars in different coins and they do not take the time to enable 2FA, those people need to check their priorities, it is like people that have been hacked and lost hundreds of coins and they had their bitcoin in the personal computer with a pirated copy of window instead of investing a few dollars in getting a hardware wallet.
jr. member
Activity: 87
Merit: 3
I think hackers is the greatest treat for any any investment or project using Internet but nowadays, hackers are more interested in cryptocurrency and most expecially icos.
However, developers are aware of all this evil from hackers and endup taking the security of their website with little on no security
hero member
Activity: 1834
Merit: 759
Lol, when I was reading the topic title, I assumed the funds were being stolen by the organizers themselves and thought to myself: just 10%?

But yeah, it's not so crazy how many people fall prey to phishing attempts considering that the internet is pretty new in terms of sensitive transaction utility. I imagine most people simply don't know any better. It doesn't help that these attacks are ridiculously elaborate, and unless you're specifically looking out for them, chances are you're going to get duped.

$400 million is a lot of money. Seems like it pays to be a hacker these days. I should have studied harder to be a hacker in school.

Lol, I'd say you only need adequate coding skills. It's pretty trivial to clone websites and perform phishing attacks on the unsuspecting. It's sad, but that's the current state of things.
member
Activity: 118
Merit: 10
Quote
NEW YORK (Reuters) - More than 10 percent of funds raised through “initial coin offerings” are lost or stolen in hacker attacks, according to new research by Ernst & Young that delves into the risks of investing in cryptocurrency projects online.

The professional services firm analyzed more than 372 ICOs, in which new digital currencies are distributed to buyers, and found that roughly $400 million of the total $3.7 billion funds raised to date had been stolen, according to research published on Monday.

Phishing was the most widely used hacking technique for ICOs, with hackers stealing up to $1.5 million in ICO proceeds per month, according to the report.

The research also noted that the volume of ICOs has been slowing since late 2017. Less than 25 percent of ICOs reached their target in November, compared with 90 percent in June.

The study comes amid a cryptocurrency investing craze, with young companies raising hundreds of millions of dollars online to fund their projects, with often little more than a handful of employees and a business plan outlined in a so-called “white paper”.

The challenges faced by more recent ICOs in reaching their targets are partly attributable to the lower quality of projects, as well as issues that have emerged around earlier projects, said Paul Brody, global innovation leader for blockchain technology at Ernst & Young (EY).

“The volume just exploded, people raised their fundraising goals and the quality just dropped,” Brody said in an interview.

“We were shocked by the quality of some of the white papers, we see clear coding errors and we see conflicts of interest between the companies issuing tokens and the community of token holders.”

In ICOs companies typically raise money to build new technology platforms or to fund businesses that use cryptocurrencies, also called tokens, and blockchain, the software that underpins them. Yet for many of these projects the need for blockchain and cryptocurrencies is often unjustified, according to EY.

It also noted valuations of ICO tokens are often driven by “fear of missing out”, or “FOMO”, and have no connection to market fundamentals such as project development. EY said “FOMO” has led investors to pour money into ICOs at record speeds, with the 10 shortest lasting ICOs attracting $300,000 per second on average.

The study also found several instances in which the underlying software code of a project contained hidden investment terms that had not been disclosed, or contradicted previous disclosures. For example, a whitepaper might state that there will be no further issuance of a cryptocurrency, while the code might leave that option open.

https://www.reuters.com/article/us-ico-ernst-young/more-than-10-percent-of-3-7-billion-raised-in-icos-has-been-stolen-ernst-young-idUSKBN1FB1MZ

Its hard to believe phishing is still a valid attack, much less the most successful attack vector utilized to steal money from ICO's.

(I wonder if some of the more shady ICO's raise money, then steal it from themselves to generate income.  Cheesy Cheesy Cheesy)

$400 million is a lot of money. Seems like it pays to be a hacker these days. I should have studied harder to be a hacker in school.

I would say that almost 50%of funds raised in ICOs get stolen as most of the ICO projects are just scam projects aimed at just looting the public money. That's why many countries have either started to regulate or just ban ICOs to protect the interests of their citizens.But still there are some promising ICOs and even some institutional companies are entering ICO to raise the required funds.
hero member
Activity: 1764
Merit: 584
Phising eh? Im surprised that in this day and age, people still fall for these.


(I wonder if some of the more shady ICO's raise money, then steal it from themselves to generate income.  Cheesy Cheesy Cheesy)


That is quite possible. It' easy to just say that you were hacked rather than just disappear into thin air. That way you might still get some suckers to put in money for one more round.
newbie
Activity: 57
Merit: 0
Any time large amounts of money is being thrown around, you WILL get scammers. Protect yourself.
newbie
Activity: 57
Merit: 0
If its only 10% it's worth the risk.

But i don't think its true. Most ICOs that did see the sun where scams. In fact they all are into a certain point, but the earning may pay for that risk.

I will go to 10% hackers and 40% that don't end the ICO and vanish with the money.

Plus more 30% that are not profitable and that leaves you with 20 % ICOs that can live.

From those 20%, 15% are controlled by teams that don't know what to do in the right time and are always changing the roadmap.

This, leaves 5 % that you can get a goo profit. Just need to find them in the jungle.

And take the money asap to not get scammed, don't forget!!

Very much agreed!
hero member
Activity: 1330
Merit: 569
If this is the amount that they are putting an estimate to, that have been stolen then I would say its either not as bad as we thought, or maybe they just decide to be economical with the their findings but trusting the source of the information, I would rely on it. It then means the whole noise about banning of ICO is just blown out of proportion relatively, that amount is on the high side but I wouldn't compare it to the amount that is being raised on various IPO or Right issue of several countries across the world that the directors of those companies have only seen as an avenue to become exceedingly rich in disguise of moving the company forward only to pay investors peanuts as dividend at the end of every year.
full member
Activity: 336
Merit: 112
This is really not surprising, most phishing attacks target stupid people. If you visit some telegram groups from different icos, you'd see that most of the investors there are illiterate, and don't even know a single thing about what they're investing in just for the sake of easy money. You'd see a lot of 'how to invest', 'how to see it in my wallet' kind of questions repeatedly being asked. If they don't know these basic things, they're bound to be victims of phishing attacks.
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
Quote
NEW YORK (Reuters) - More than 10 percent of funds raised through “initial coin offerings” are lost or stolen in hacker attacks, according to new research by Ernst & Young that delves into the risks of investing in cryptocurrency projects online.
Quote
Phishing was the most widely used hacking technique for ICOs, with hackers stealing up to $1.5 million in ICO proceeds per month, according to the report.

this probably true backed up on some research and data gathered by Ernst & Young
but they failed to emphasize.... the 80% of funds raised was stolen by the ICO team itself... in another word SCAM ICO Grin
and only the last 10% probably for the real legit ICO for actual business companies  Wink
newbie
Activity: 11
Merit: 0
The salient points raised in the news article are some of the reasons why I partly support government regulation of these ICOs. The system is just so messed up with individuals and groups who have no business doing ICOs in the first place. There are many ICO projects out there that do not need the amount there are trying to raise.

the same as what is happening in the forum. A lot of scammers and some nonesense services which they say its free but later on will ask for money. Good thing we have also a growing number of forum "cops". I think these should also be the same around the web in terms of catching these websites, As a common user we have tendency to neglict and just ignore as long as we are not scammed. But i hope we would also at least bring them to spotlight and take actions against them. Because 3.7B is quite high for just annonymous deals.
full member
Activity: 448
Merit: 110
The salient points raised in the news article are some of the reasons why I partly support government regulation of these ICOs. The system is just so messed up with individuals and groups who have no business doing ICOs in the first place. There are many ICO projects out there that do not need the amount they are trying to raise.
full member
Activity: 868
Merit: 185
Roobet supporter and player!
Phishing attacks are getting more sophisticated and people are negligible their security.

According to Google, only 10% are using some kind of 2FA. I guess in crypto community the percentage is higher, but still this is one of the main reason phishing attacks to be successful.
Its real! People now on are vulnerable in phishing attacks. We don't have the assurance that our coin is at the good hand. These phishing attacks may lead to a total lose of cryptocurrency. I hope not.
full member
Activity: 266
Merit: 111
This is quite alarming because it says that possiibilities of future crypto hackers can actually steal or savings I think this is an eye opener to developers to become more strict in providing good protection from hackers and also create more strong authentication.It is also a good thing that auditing firms are now starting to look into cryptos they can really give a big help.
legendary
Activity: 1176
Merit: 1005
Decentralized Asset Management Platform
Phishing attacks are getting more sophisticated and people are negligible their security.

According to Google, only 10% are using some kind of 2FA. I guess in crypto community the percentage is higher, but still this is one of the main reason phishing attacks to be successful.
sr. member
Activity: 840
Merit: 254
Quote
NEW YORK (Reuters) - More than 10 percent of funds raised through “initial coin offerings” are lost or stolen in hacker attacks, according to new research by Ernst & Young that delves into the risks of investing in cryptocurrency projects online.

The professional services firm analyzed more than 372 ICOs, in which new digital currencies are distributed to buyers, and found that roughly $400 million of the total $3.7 billion funds raised to date had been stolen, according to research published on Monday.

Phishing was the most widely used hacking technique for ICOs, with hackers stealing up to $1.5 million in ICO proceeds per month, according to the report.

The research also noted that the volume of ICOs has been slowing since late 2017. Less than 25 percent of ICOs reached their target in November, compared with 90 percent in June.

The study comes amid a cryptocurrency investing craze, with young companies raising hundreds of millions of dollars online to fund their projects, with often little more than a handful of employees and a business plan outlined in a so-called “white paper”.

The challenges faced by more recent ICOs in reaching their targets are partly attributable to the lower quality of projects, as well as issues that have emerged around earlier projects, said Paul Brody, global innovation leader for blockchain technology at Ernst & Young (EY).

“The volume just exploded, people raised their fundraising goals and the quality just dropped,” Brody said in an interview.

“We were shocked by the quality of some of the white papers, we see clear coding errors and we see conflicts of interest between the companies issuing tokens and the community of token holders.”

In ICOs companies typically raise money to build new technology platforms or to fund businesses that use cryptocurrencies, also called tokens, and blockchain, the software that underpins them. Yet for many of these projects the need for blockchain and cryptocurrencies is often unjustified, according to EY.

It also noted valuations of ICO tokens are often driven by “fear of missing out”, or “FOMO”, and have no connection to market fundamentals such as project development. EY said “FOMO” has led investors to pour money into ICOs at record speeds, with the 10 shortest lasting ICOs attracting $300,000 per second on average.

The study also found several instances in which the underlying software code of a project contained hidden investment terms that had not been disclosed, or contradicted previous disclosures. For example, a whitepaper might state that there will be no further issuance of a cryptocurrency, while the code might leave that option open.

https://www.reuters.com/article/us-ico-ernst-young/more-than-10-percent-of-3-7-billion-raised-in-icos-has-been-stolen-ernst-young-idUSKBN1FB1MZ

Its hard to believe phishing is still a valid attack, much less the most successful attack vector utilized to steal money from ICO's.

(I wonder if some of the more shady ICO's raise money, then steal it from themselves to generate income.  Cheesy Cheesy Cheesy)

$400 million is a lot of money. Seems like it pays to be a hacker these days. I should have studied harder to be a hacker in school.

Phishing may be be basic but it is effective, I invested in an ico some months ago, and in the telegram channel and slack there were a lot of phishing and social engineering attacks, the devs gave a warning and identified themselves to try to stop those attacks but there were many coins stolen and things only got worse when people tried to sell their coins because the price took a nosedive after the ico.
member
Activity: 110
Merit: 10
If its only 10% it's worth the risk.

But i don't think its true. Most ICOs that did see the sun where scams. In fact they all are into a certain point, but the earning may pay for that risk.

I will go to 10% hackers and 40% that don't end the ICO and vanish with the money.

Plus more 30% that are not profitable and that leaves you with 20 % ICOs that can live.

From those 20%, 15% are controlled by teams that don't know what to do in the right time and are always changing the roadmap.

This, leaves 5 % that you can get a goo profit. Just need to find them in the jungle.

And take the money asap to not get scamed, don't forget!!
sr. member
Activity: 644
Merit: 259
CryptoTalk.Org - Get Paid for every Post!
Quote
NEW YORK (Reuters) - More than 10 percent of funds raised through “initial coin offerings” are lost or stolen in hacker attacks, according to new research by Ernst & Young that delves into the risks of investing in cryptocurrency projects online.

The professional services firm analyzed more than 372 ICOs, in which new digital currencies are distributed to buyers, and found that roughly $400 million of the total $3.7 billion funds raised to date had been stolen, according to research published on Monday.

Phishing was the most widely used hacking technique for ICOs, with hackers stealing up to $1.5 million in ICO proceeds per month, according to the report.

The research also noted that the volume of ICOs has been slowing since late 2017. Less than 25 percent of ICOs reached their target in November, compared with 90 percent in June.

The study comes amid a cryptocurrency investing craze, with young companies raising hundreds of millions of dollars online to fund their projects, with often little more than a handful of employees and a business plan outlined in a so-called “white paper”.

The challenges faced by more recent ICOs in reaching their targets are partly attributable to the lower quality of projects, as well as issues that have emerged around earlier projects, said Paul Brody, global innovation leader for blockchain technology at Ernst & Young (EY).

“The volume just exploded, people raised their fundraising goals and the quality just dropped,” Brody said in an interview.

“We were shocked by the quality of some of the white papers, we see clear coding errors and we see conflicts of interest between the companies issuing tokens and the community of token holders.”

In ICOs companies typically raise money to build new technology platforms or to fund businesses that use cryptocurrencies, also called tokens, and blockchain, the software that underpins them. Yet for many of these projects the need for blockchain and cryptocurrencies is often unjustified, according to EY.

It also noted valuations of ICO tokens are often driven by “fear of missing out”, or “FOMO”, and have no connection to market fundamentals such as project development. EY said “FOMO” has led investors to pour money into ICOs at record speeds, with the 10 shortest lasting ICOs attracting $300,000 per second on average.

The study also found several instances in which the underlying software code of a project contained hidden investment terms that had not been disclosed, or contradicted previous disclosures. For example, a whitepaper might state that there will be no further issuance of a cryptocurrency, while the code might leave that option open.

https://www.reuters.com/article/us-ico-ernst-young/more-than-10-percent-of-3-7-billion-raised-in-icos-has-been-stolen-ernst-young-idUSKBN1FB1MZ

Its hard to believe phishing is still a valid attack, much less the most successful attack vector utilized to steal money from ICO's.

(I wonder if some of the more shady ICO's raise money, then steal it from themselves to generate income.  Cheesy Cheesy Cheesy)

$400 million is a lot of money. Seems like it pays to be a hacker these days. I should have studied harder to be a hacker in school.

Phishing please, that is indeed the most novice ways to hack and if the ICO's wants us to believe that they were compromised because of Phishing, then indeed they are very much lying. Since this is a theft,  think the proper securities should be made aware of it so that they can give the investors exactly what happens.
hero member
Activity: 966
Merit: 507
These figures seem to be underestimated. I bet the real number is unfortunately much more than 10%. Nice article though.
legendary
Activity: 2562
Merit: 1441
Quote
NEW YORK (Reuters) - More than 10 percent of funds raised through “initial coin offerings” are lost or stolen in hacker attacks, according to new research by Ernst & Young that delves into the risks of investing in cryptocurrency projects online.

The professional services firm analyzed more than 372 ICOs, in which new digital currencies are distributed to buyers, and found that roughly $400 million of the total $3.7 billion funds raised to date had been stolen, according to research published on Monday.

Phishing was the most widely used hacking technique for ICOs, with hackers stealing up to $1.5 million in ICO proceeds per month, according to the report.

The research also noted that the volume of ICOs has been slowing since late 2017. Less than 25 percent of ICOs reached their target in November, compared with 90 percent in June.

The study comes amid a cryptocurrency investing craze, with young companies raising hundreds of millions of dollars online to fund their projects, with often little more than a handful of employees and a business plan outlined in a so-called “white paper”.

The challenges faced by more recent ICOs in reaching their targets are partly attributable to the lower quality of projects, as well as issues that have emerged around earlier projects, said Paul Brody, global innovation leader for blockchain technology at Ernst & Young (EY).

“The volume just exploded, people raised their fundraising goals and the quality just dropped,” Brody said in an interview.

“We were shocked by the quality of some of the white papers, we see clear coding errors and we see conflicts of interest between the companies issuing tokens and the community of token holders.”

In ICOs companies typically raise money to build new technology platforms or to fund businesses that use cryptocurrencies, also called tokens, and blockchain, the software that underpins them. Yet for many of these projects the need for blockchain and cryptocurrencies is often unjustified, according to EY.

It also noted valuations of ICO tokens are often driven by “fear of missing out”, or “FOMO”, and have no connection to market fundamentals such as project development. EY said “FOMO” has led investors to pour money into ICOs at record speeds, with the 10 shortest lasting ICOs attracting $300,000 per second on average.

The study also found several instances in which the underlying software code of a project contained hidden investment terms that had not been disclosed, or contradicted previous disclosures. For example, a whitepaper might state that there will be no further issuance of a cryptocurrency, while the code might leave that option open.

https://www.reuters.com/article/us-ico-ernst-young/more-than-10-percent-of-3-7-billion-raised-in-icos-has-been-stolen-ernst-young-idUSKBN1FB1MZ

Its hard to believe phishing is still a valid attack, much less the most successful attack vector utilized to steal money from ICO's.

(I wonder if some of the more shady ICO's raise money, then steal it from themselves to generate income.  Cheesy Cheesy Cheesy)

$400 million is a lot of money. Seems like it pays to be a hacker these days. I should have studied harder to be a hacker in school.
Jump to: