Hackers return to their roots


This article is an on-site version of our Cryptofinance newsletter. Premium subscribers can sign up here to get the newsletter delivered every week. Standard subscribers can upgrade to Premium here, or explore all FT newsletters

Hello and welcome to the FT Cryptofinance newsletter.

An apocryphal tale goes that when American robber Willie Sutton was asked why he targeted banks, he replied: “Because that’s where the money is.”

The same may be true of the current trend in hacking on crypto markets. Theft of assets has been endemic to the ‘do-it-yourself’, unregulated nature of the crypto market and this year has been no exception.

WazirX, an Indian exchange, suffered a $325mn hack in July; Japan’s DMM Bitcoin exchange was hacked for $305mn in May; and $290mn was taken from South Korean crypto gaming platform PlayDapp in February. There has also been a steady stream of smaller hits of less than $10mn.

But a report from blockchain analysis group Chainalysis flagged up one significant development: cyber thieves are increasingly turning away from attacks on the holes found in decentralised finance, or DeFi, networks and “returning to their roots” by targeting centralised exchanges.

The number of hacks that took place in the first half of the year was up by just four, to 149, but the value of funds stolen in crypto heists in the first half of the year nearly doubled, year on year, to close to $1.6bn.

Some of that can simply be explained away by bitcoin’s rise this year, making it a more tempting high-value target. But it may also be down to the fact that hackers are moving away from DeFi, where bitcoin isn’t traded as frequently, to where the bitcoin are.

As Chainalysis found, last year 30 per cent of transaction volumes associated with the movement of stolen funds was associated with bitcoin. This year it has risen to 40 per cent.

There’s a wide range of hackers, from highly sophisticated, state-backed players to individuals who simply spotted an opportunity.

But Eric Jardine, cyber crime research lead at Chainalysis, argues that the increasing complexity of the market means many hackers are now eyeing exchanges offering multiple services, such as broking and custodianship of assets.

“The more you concentrate assets, the more tantalising the target and the more catastrophic the outcome if something breaks,” he said.

Normally a hack spells the end of a project, although the theft of $12mn from crypto app Ronin Network last week — two years after it lost $625mn in another hack — shows survival can be merely an opportunity for fresh disaster.

This concentration of assets and potential increased threat of hacks may have longer term consequences for the exchanges, which brand themselves as trusted, reliable partners for those new to crypto, and therefore attract a far wider range of stakeholders.

The first is that insurance companies may up their demands, such as the safeguards they require from exchanges. “If centralised exchanges are insuring assets against cyber attack, the insurers will have something to say about that,” said Jardine.

Another is that regulators grappling with writing the first standards for the crypto market may set out explicit, required minimum standards, such as a security audit, or a few basic customer protections.

“One of the advantages of centralisation, from a regulatory standpoint, is ease of regulation as there’s only so many centralised services. If there’s a large concentration of value and only a few actors holding that value, some sort of regulatory move seems plausible to me,” Jardine said.

WazirX and DMM initially took different approaches to repaying victims — DMM raised money to pay them back, WazirX opted to lock up customer funds — but that difference in approach may become tougher to sustain if a common set of global standards begins to emerge.

Preventing the runs

Some people argue that stablecoins can’t have runs as people don’t rush to withdraw their cash from safe and unleveraged balance sheets. Three employees of Circle Financial, operator of the USDC stablecoin, beg to differ. This week they put out a white paper suggesting a capital framework for stablecoins, deposit tokens and tokenised cash.

The aim would be to safeguard against financial shocks, prevent runs and generally boost customer confidence, in much the same way that tougher rules on bank capital were one of the big reforms of the post-2008 world.

The authors argue that stablecoins, deposit tokens et al could face the risk of a co-ordinated run, because they are traded publicly.

“Trading generates a secondary market price, which provides an observable signal, rendering the issuer more susceptible to runs,” they note.

“If token holders observe large secondary market price declines or large redemption volumes, they might also sell or redeem the token without regard to the fundamentals of the asset backing, as their belief in the stability of the tokens depends on the belief of others,” they add.

They explore Circle’s exposure to Silicon Valley Bank, unsurprisingly concluding a capital framework would have helped stem panic selling of USDC. Even so, worth a read.

Weekly highlights

  • Senate majority leader Chuck Schumer told a “town hall” of the crypto industry, which is lobbying Kamala Harris, that he wanted to pass crypto legislation before the end of the year. Lawmakers in the House of Representatives passed a bill covering the crypto market in May but it has yet to go to a Senate vote.

  • Buying the Dip: Marathon Digital, the largest US-listed crypto miner, raised $300mn in debt to buy more bitcoin. As of the end of July it had bought a further 4,144 bitcoin, taking its total holdings to more than 25,000. That made it the second-largest listed company with bitcoin on its balance sheet, according to Bitcointreasuries.com, far ahead of Tesla but only around a 10th of the holdings of MicroStrategy.

  • Defiance ETFs announced MSTX, the first single-stock long leveraged ETF for MicroStrategy. As my colleague Robin Wigglesworth put it: “So that’s leverage on leverage on an underlying asset that is already rife with leveraged trading.”

Data mining: Bitcoin de-correlates from the market, again

And just like that, the Great Global Market Crash of August 2024 was over. In the past few days much of the sell-off has unwound as if it had never happened. Based on market prices from July 30, the day before the Bank of Japan raised interest rates by 0.25 percentage points and as the Fed was holding its last meeting, the retracement has been impressive.

The S&P 500 is up nearly 2 per cent since then and tech darling Nvidia is up 18 per cent. Japan’s Topix, at one point down nearly 20 per cent, has fallen 2.8 per cent. The yen strengthened against the dollar but has subsequently given back half of those gains.

The real outlier is crypto. At the time of publication, bitcoin was down 11.4 per cent and ethereum off 20 per cent in the same period. True, crypto prices are rarely perfectly correlated with other markets — but they were very closely correlated in early August. That correlation looks to have fallen away again.

Looking for reasons why crypto prices move as they do can be a fool’s errand but it’s notable that prices have become subdued as Donald Trump’s lead over Kamala Harris in the US election polls disappeared.

The market may not yet have worked out how to position itself around the election but crypto could end up being one of the markets with the strongest reaction to the outcome of November’s vote.

Line chart of Rebased showing Crypto underperforms as global markets rebound

Cryptofinance is edited by Laurence Fletcher. To view previous editions of the newsletter click here.

Your comments are welcome.



Source link