Bitcoin fraud, theft, and security statistics

Bitcoin prices have been climbing pretty steadily over the past year, and as expected, cybercriminals are once again trying to cash in. Of course, cryptocurrency is fairly volatile on its own, with suddenly-collapsing exchanges and lost wallets contributing to catastrophic losses for investors.

We’ll be discussing the most recent figures on Bitcoin fraud and statistics to shed some light on the state of Bitcoin fraud and security in 2024.

1. The biggest cryptocurrency heist to date was the 2022 Ronin Network hack

For years, 2018’s Coincheck breach was the biggest cryptocurrency hack of all time, with a loss of $470 million. However, it has since been beaten three times, with the 2022 Ronin Nework breach leapfrogging it by almost a third. In total, around $620 million was stolen, which is about the same as the combined GDP of Colorado and Oregon in 2022.

2023 did have one heist make history, though. Mixin Network was hacked, leading to a loss of around $200 million. This is a comparatively small amount compared to the examples above, but is still the 10th most-costly crypto heist in history.

2. Another huge hack was the Mt Gox exchange, which lost $470 million

At its peak, Mt Gox was responsible for 70 percent of bitcoin transactions. A hack took place gradually over several years but was not admitted until 2014. In total, around 850,000 bitcoins were stolen, and even though the value of bitcoin was relatively low, this haul was worth around $470 million at the time. Of course, now the value of the stolen coins is much higher.

3. Influencers increasingly involved in pump and dump schemes

Everyone wishes they’d gotten in at the beginning of Bitcoin, which is why it’s so common to hear people hyping up the next big cryptocurrency. The problem is that, a lot of the time, these are simple pump and schemes designed to net the creators or initial investors money at the expense of those who buy in later.

Bad actors have come to realize that the easiest way to generate a buzz about their coin is to pay an influencer. In the last two years alone, several high-profile personalities including Logan Paul, Floyd Mayweather, and Kim Kardashian have all been linked to pump and dump grifts. The tide may be turning, though, with the US government officially charging people for these crimes and even issuing fines for promoting crypto without revealing that they were paid to do so.

4. FTX collapses, wiping billions from the crypto market

Crypto exchange FTX collapsed unexpectedly in November 2022, after CoinDesk reported that a large proportion of FTX’s assets comprised of tokens issued by another of the founder’s companies. This caused a run, leading to a liquidity crisis. Shortly after, FTX is hacked, losing almost half a billion dollars.

The company’s CEO, Sam Bankman-Fried, was arrested shortly after on suspicion of fraud and money-laundering. He’s suspected of stealing more than $10 billion of customer deposits.

5. 2023 saw a 399% increase in cryptojacking

Cryptojacking uses malware to mine bitcoin or other cryptocurrency on the victim’s device, and the attacker pockets the proceeds. It was predicted that the 2019 demise of Coinhive (then the largest crypto mining operation) would signal the death of cryptojacking.

Unfortunately, according to the 2023 SonicWall Cyber Threat Report, this isn’t the case. 2023 has been a record-breaking year for cryptojackers, with nearly 400 percent growth in the first six months alone. For context, that’s 332 million recorded instances — more than the total volume for the last three years combined.

Screenshot showing growth of cryptojacking attempts by year

6. Cryptojacking rose 788% in Europe in 2023

The 2023 SonicWall report breaks things down by region. Interestingly, Europe experienced a never-before-seen 788 percent increase in cryptojacking attempts, while Asia saw an increase of just one percent.

7. 2023 cryptojacking attacks on healthcare rose almost 700%

SonicWall also looked at how cryptojacking affects different industries. Healthcare has been an attractive target for years and this doesn’t appear to be changing. In fact, the first half of 2023 saw an increase of 690 percent.

However, the worst hit demographic is education. Since last year, organizations experienced 320 times as many cryptojacking attempts, bringing the average percentage of affected bodies to 0.55. This means that one in every 180 educational facilities is infected.

8. £3.5 billion is at stake in lawsuits brought about by claimed bitcoin inventor Craig Wright

Craig Wright is a computer scientist who claims he is the inventor of bitcoin. In February 2021, Wright launched legal actions against the developers of several cryptocurrencies. Those legal actions could be worth a total of £3.5 billion. While the details of the actions are complex, essentially, Wright is taking action against developers over access to hacked addresses containing stolen bitcoin. The trial is expected to go ahead in 2024.

9. Police regularly seizing bitcoin miners from criminals

Mining Bitcoin requires an immense amount of computing power and, therefore, electricity. In 2021 alone, Malaysian police seized almost 2,000 bitcoin mining machines (before crushing them with a steamroller for viral fame). Meanwhile, in the UK, after detecting high amounts of heat coming from a property, officers looking for a cannabis farm stumbled onto a bitcoin mining setup stealing thousands of pounds of electricity.

2023 also saw mining rigs pop up in unexpected places including the remote island of Borneo, abandoned factories, and a Venezuelan prison. Clearly, criminals know that there’s money to be made and won’t let a simple factor like location stop them.

10. State-sponsored hacking remains a huge threat

According to TRM Labs, North Korea was responsible for an eye-watering $600 million of crypto theft in 2023. Perhaps even more shocking is the fact that this actually represents a fall of 30 percent from the year prior.

They’re not limited to Bitcoin either, as in 2022, the FBI officially linked the country to over half a million dollars worth of stolen Etherium. Since 2017, North Korea is estimated to half taken more than $3 billion, making it (as far as we know), the world’s highest-earning cybercriminal.

11. Blockchain fraud and misappropriation was valued at almost $1.4 billion in 2023

CoinDesk estimates that around $1.35 billion was lost by Ethereum alone in 2023, with BNB Chain losing $110 million and zkSync Era losing $5 million. This is a dramatic reduction from the $4.5 billion lost in 2019 but still far more than we’d like.

12. October 2022 was the biggest month ever for crypto fraud

According to the 2023 Chainanalysis Crypto Crime report, October 2022 saw over 30 major crypto hacks, leading to $775 million in losses. In short, that month alone accounted for 22 percent of all crypto losses that year.

13. Crypto wallet apps declining in popularity

In September 2023, the number of crypto wallet downloads hit a three-year lull. Interest had been declining steadily for since 2021 (when 40 million such apps were downloaded) but this is especially surprising given the bull run Bitcoin has had so far.

Graph showing the number of crypto wallet downlodas from 2015 to 2023

14. One fraudster robbed over 3,500 victims

According to reports, a Swedish man who pled guilty to wire fraud, securities fraud, and money laundering charges defrauded $16 million in cryptocurrency from at least 3,575 victims.

Roger Mils-Jonas Karlsson was accused of using several aliases and conducting various fictitious schemes, persuading victims to hand over funds in the form of cryptocurrencies.

15. Over 100 people were arrested in the PlusToken Ponzi scheme

The PlusToken cryptocurrency fraud ring originated in South Korea and was advertised as a high-yield investment, with claims of returns up to 18 percent per month. It’s believed the scammers withdrew over $3 billion worth from the accounts of investors in June 2019, prompting an international manhunt.

In July 2020, 109 people were arrested by Chinese authorities for their involvement in the scheme. November 2020 reports suggest that digital assets seized in the crackdown were worth over $4 billion. Top operators of the scam were jailed for up to 11 years in December 2020.

16. Illicit funds frequently arrive on mainstream exchanges

According to the Chainalysis Crypto Crime 2023 Report, in 2022, the majority of funds leaving ransomware wallets (48.3 percent) end up on a centralized exchange. Only 6.7 percent of criminals put their funds on high-risk exchanges, with roughly 15 percent utilizing mixer services to hide their coins’ origins.

Graph showing the destinations of funds leaving ransomware wallets in 2022

17. Bitcoin is not the coin of choice for money-laundering anymore

Bitcoin used to be the go-to coin for criminals but now that it’s better-known, they’ve moved away from it. This may also be because law enforcement have more experience tracing wallets and getting victims’ money back. In any case, the 20 biggest money-laundering wallets received around 19 percent of all illicit Bitcoin in 2021, whereas they accounted for about 85 percent of all illict Ethereum transfers.

18. Scammers are all over the world but concentrated in several countries

Of course, it’s nearly impossible to find out where some scams stem from, but Chainalysis’ 2022 report estimates where various crimes originate by analyzing the web traffic of services that receive illicit funds. It found that the top country for cryptocurrency scams to emerge from was the US, followed by South Africa and the UK, with China and Russia rounding out the top five.

Countries receiving illicit funds.
Source: Chainalysis

19. More than €3 million was stolen in the Ledger phishing scam

Phishing scams don’t make up a huge percentage of bitcoin scams, but the Ledger phishing scam was notable. Ledger provides hardware wallets, devices on which users store cryptocurrency. After user email addresses were leaked in a data breach (disclosed in July 2020), a subsequent October phishing scam targeted customers involved in the breach.

Emails sent to victims contained a link leading to a phishing site that looked like the legitimate Ledger website. In turn, the website contained a link that actually downloaded malware capable of draining the victim’s Ledger wallet. Chainalysis has identified more than  €3 million worth of stolen funds related to the scheme.

20. More than half of the 2020 haul was from the KuCoin hack

Chainalysis also notes that a significant portion of stolen funds often results from a single attack. Almost half of the amount stolen in 2018 was from the Coincheck hack and more than half of the 2020 amount resulted from the KuCoin hack.

21. Telegram was ordered to pay $1.2 billion to investors

Telegram’s 2018 ICO was met with skepticism from the get-go, and although there was no admission of wrongdoing, Telegram did end up having to pay investors over $1.2 billion in June 2020. At the same time, a civil penalty of $18.5 million was also imposed. Charges centered around the fact that Telegram did not register its early sale of “Grams” tokens worth $1.7 billion.

Companies have failed to learn from Telegram’s experience, though. In 2023, both Nexo and Barnbridge DAO were sanctioned by the SEC for the exact same thing.

22. 20 percent of the existing bitcoin is considered lost

According to IntoTheBlock, 29 percent of the roughly 19.5 million bitcoin in existence has not moved from its respective addresses in five years or more. It considers this currency (worth around $250 billion at the time of writing) as lost.

And that’s not too difficult to believe when you consider some of the stories circulating. For example, Stefan Thomas, a software developer who is heavily involved in the world of cryptocurrency, is missing a good chunk of coin. For years, he has been trying to figure out the password to his IronKey which holds 7,002 bitcoin (worth around $310 million).

Across the pond in the UK, IT worker James Howells has even tried digging up a landfill site to find his hard drive containing a digital wallet housing 7,500 bitcoins. He threw away the drive back in 2013 when the coins were essentially worthless.

FAQs about Bitcoin fraud, theft, and security

What are some red flags of Bitcoin fraud?

There are several things to look out for to recognize Bitcoin fraud. These include:

  • Suspicious or unusual activity on a Bitcoin wallet
  • Unexplained or sudden changes in transaction history
  • Receiving requests for payment in Bitcoin from unfamiliar or untrust

What is Bitcoin theft?

Bitcoin theft is the unauthorized taking of Bitcoin from a digital wallet. This can happen through several means, including hacking into a Bitcoin exchange or service or simply stealing a user’s private key. In either case, the result is the same: the loss of Bitcoin for the victim.