Bitcoin fraud, theft, and security statistics

Bitcoin prices have fluctuated wildly over the past several months, so it’s no surprise that keeping bitcoin and other cryptocurrencies secure is a priority for investors. Since the development of bitcoin in 2009, we have seen an increase in the frequency of crimes involving cryptocurrencies. These range from simple Ponzi schemes to elaborate heists. And even if bitcoin owners think their stash is secure, some are their own worst enemies as they forget passwords or codes, blocking access to their funds.

Here, we delve into the most interesting statistics and trends surrounding cryptocurrency and bitcoin theft, fraud, and security based on the latest reports.

1. The biggest cryptocurrency heist to date was the 2018 Coincheck hack

We researched the biggest cryptocurrency hacks of all time and found that the largest heist was the Coincheck hack that took place in 2018. At the time, the amount stolen equated to around 58 billion Japanese yen (which was roughly $532 million USD).

2. Another huge hack was the Mt Gox exchange, which lost $470 million

At its peak, Mt Gox was responsible for 70 percent of bitcoin transactions. A hack took place gradually over several years but was not admitted until 2014. In total, around 850,000 bitcoins were stolen, and even though the value of bitcoin was relatively low, this haul was worth around $470 million at the time. Of course, now the value of the stolen coins is much higher.

3. John McAfee, accused in a $13 million fraud scheme, found dead

In March of 2021, we reported that John McAfee (of antivirus fame) and his bodyguard were accused of running a cryptocurrency “pump and dump” scheme which allegedly saw them swindle $13 million out of crypto investors.

Pump and dump schemes involve inflating the price of a stock by promoting it to investors, and then selling it off when the price is deemed high enough. The selloff results in the price of the stock dropping, causing major losses for investors.

Since that time, John McAfee received an indictment from Tennessee prosecutors to face trial for tax evasion involving income accrued from cryptocurrencies. If found guilty, McAfee could have faced up to 30 years in prison.

Just hours after confirmation of an extradition order to remove McAfee from Spain to face trial in the US, the entrepreneur was discovered dead in his prison cell. According to official reports from the jail in Barcelona, it is believed that the cryptocurrency enthusiast committed suicide.

4. Centra Tech co-founder Sam Sharma was handed an 8-year sentence for fraud

Centra Tech was involved in a large fraud scheme that saw the company rake in over $25 million, although at one point, these funds were worth over $60 million. Centra Tech purported to offer crypto-related financial products including a special debit card that was endorsed by several celebrities.

It transpired that the company had made false claims about its products and had even created a fake CEO. In March 2021, co-founder of the company, Sam Sharma, was sentenced to eight years in prison for his role in the scheme.

5. 2021 saw a 23% year-on-year increase in cryptojacking

Cryptojacking uses malware to mine bitcoin or other cryptocurrency on the victim’s device, and the attacker pockets the proceeds. It was predicted that the 2019 demise of Coinhive (then the largest crypto mining operation) would signal the death of cryptojacking.

Unfortunately, according to the 2021 SonicWall Cyber Threat Report, there was a significant year-on-year increase in global cryptojacking attacks in 2020. Of note, March 2020 saw over 15 million attacks and year-on-year increases in August to December ranged from 100 percent (in December) to 1,400 percent (in August).

According to the mid-year report, there were 51.1 million cryptojacking hacks in the first half of 2021. This represents a 23% increase over the same period the year before.

cryptojacking stats
Source SonicWall

6. Cryptojacking rose 260% in North America in 2020

The 2021 SonicWall report breaks things down by region. One notable statistic is the increase in attacks in North America. The number of attacks rose by a whopping 280 percent. In Asia, there was a vastly different story; as cryptojacking actually fell 87% percent.

In 2021, the CrowdStrike Falcon OverWatch™ team reported that the volume of cryptojacking intrusions more than quadrupled compared to 2020. This reveals that cryptojacking averages continue to rise across the world.

7. 2020 cryptojacking attacks on healthcare rose almost 1,400%

SonicWall also looked at how cryptojacking affects different industries. Healthcare was hit hard by a number of threats in 2020 and indeed this industry saw the largest increase in cryptojacking attacks, with prevalence rising a whopping 1,391%.

These are frightening statistics because of the way in which attacks can potentially cause harm or a loss of life. Sadly, the mid-year 2021 report did not mention this statistic specifically, so we will need to wait for the 2022 report to find out whether healthcare institutions are still being targeted at such alarming rates. Watch this space!

8. £3.5 billion is at stake in lawsuits brought about by claimed bitcoin inventor Craig Wright

Craig Wright is a computer scientist who claims he is the inventor of bitcoin. In February 2021, Wright launched legal actions against the developers of several cryptocurrencies. Those legal actions could be worth a total of £3.5 billion. While the details of the actions are complex, essentially, Wright is taking action against developers over access to hacked addresses containing stolen bitcoin.

9. Police seized 581 bitcoin mining machines in a sting operation

Mining Bitcoin requires an immense amount of computing power and, therefore, electricity. In March 2021, a Malaysian police bust on a bitcoin mining syndicate resulted in the seizure of hundreds of mining machines. It’s reported that the syndicate was stealing electricity supply, leading police to raid nine premises in Bandar Enstek and Bandar Baru Nilai.

10. Cryptocurrency hacks and thefts increased almost 40% in 2020

According to research by Trading Platforms UK, cryptocurrency hacks and thefts in 2020 involved $513 million worth of bitcoin and other cryptocurrencies. This was up 38.38 percent compared to 2019. That said, the year with the highest figure was 2018 with $950 million worth of hacks and thefts.

Value of hacks and thefts.
Source: Trading Platforms UK

11. Blockchain fraud and misappropriation was valued at almost $1.4 billion in 2020

The Trading Platforms UK report also noted that blockchain fraud and misappropriation declined significantly in 2020. 2019 was a huge year for these crimes and saw them valued at almost $4.5 billion. Still, the $1.387 billion observed in 2020 was no small sum and was almost double the 2018 amount of $750 million.

12. Losses from crypto-related crime rose 79 percent

According to the 2021 Chainanalysis Crypto Crime report, a massive spike in theft and scams led to global increases of 79% in crypto-related crimes.

According to Chainanalysis, a 912% increase in DeFi transactions helped to drive these elevated crypto-crime rates.

13. 5.6 million crypto storage apps were downloaded in the first month of 2021

With bitcoin seeing a resurgence in popularity in early 2021, it’s perhaps no surprise that this was accompanied by a sharp increase in the number of downloads of crypto storage apps. 5.6 million such apps were downloaded in January 2021 alone. To put this in perspective, 18.13 million of these apps were downloaded in the whole of 2020.

Number of crypto app uploads.
Source: Trading Platforms UK

14. One fraudster robbed over 3,500 victims

According to reports, a Swedish man who pled guilty to wire fraud, securities fraud, and money laundering charges defrauded $16 million in cryptocurrency from at least 3,575 victims.

Roger Mils-Jonas Karlsson was accused of using several aliases and conducting various fictitious schemes, persuading victims to hand over funds in the form of cryptocurrencies.

15. Over 100 people were arrested in the PlusToken Ponzi scheme

The PlusToken cryptocurrency fraud ring originated in South Korea and was advertised as a high-yield investment, with claims of returns up to 18 percent per month. It’s believed the scammers withdrew over $3 billion worth from the accounts of investors in June 2019, prompting an international manhunt.

In July 2020, 109 people were arrested by Chinese authorities for their involvement in the scheme. November 2020 reports suggest that digital assets seized in the crackdown were worth over $4 billion. Top operators of the scam were jailed for up to 11 years in December 2020.

16. Scams are responsible for the majority of cryptocurrency received by illicit entities

According to the Chainalysis Crypto Crime 2021 Report, in 2020, around one percent of all cryptocurrency activity involved illicit activities. The report broke down what activities these illicit funds were involved in, with scams accounting for the majority. Darknet markets were also responsible for a significant amount, with ransomware and stolen funds accounting for smaller portions.

Crypto received by illicit entities.
Source: Chainalysis

17. Bitcoin scam revenue peaked in August 2020

Bitcoin revenue from scams grew significantly during the first eight months of 2020 but declined during the last four months of the year. While scams made up a large portion of illicit funds, the portion did actually decrease compared to the previous year. This decline was attributed to the absence of the PlusToken scheme, which inflated 2019 figures.

18. Bitcoin scammers launder money through gambling platforms

As with fiat currencies, illicit entities launder bitcoin that’s involved in criminal activity. Chainalysis tells us that one of the most popular avenues for bitcoin laundering by scammers is through gambling sites.

19. Scammers are all over the world but concentrated in several countries

Of course, it’s nearly impossible to find out where some scams stem from, but Chainalysis estimates where various crimes originate by analyzing the web traffic of services that receive illicit funds. It found that the top country for cryptocurrency scams to emerge from was the US, followed by South Africa and the UK, with China and Russia rounding out the top five.

Countries receiving illicit funds.
Source: Chainalysis

20. More than €3 million was stolen in the Ledger phishing scam

Phishing scams don’t make up a huge percentage of bitcoin scams, but the Ledger phishing scam was notable. Ledger provides hardware wallets, devices on which users store cryptocurrency. After user email addresses were leaked in a data breach (disclosed in July 2020), a subsequent October phishing scam targeted customers involved in the breach.

Emails sent to victims contained a link leading to a phishing site that looked like the legitimate Ledger website. In turn, the website contained a link that actually downloaded malware capable of draining the victim’s Ledger wallet. Chainalysis has identified more than  €3 million worth of stolen funds related to the scheme.

21. Over half a billion dollars in cryptocurrency was stolen in 86 attacks in 2020

2020 saw far more cryptocurrency thefts than 2019 or 2018. 86 attacks were recorded in 2020, while the number was 24 in 2019 and around 16 in 2018. However, the number of attacks doesn’t tell the full story and 2018 was actually a far worse year in terms of the amount stolen ($1.2 billion compared to $500 million in 2020).

22. Around $4 billion in cryptocurrencies was stolen in 2021

4 billion in hacked cryptocurrency funds were recorded in 2021. Of those crimes, a massive attack on the Poly Network in August accounted for $610 million of those stolen funds. This makes Poly Network hack the biggest DeFi attack of all time.

23. More than half of the 2020 haul was from the KuCoin hack

Chainalysis also notes that a significant portion of stolen funds often results from a single attack. Almost half of the amount stolen in 2018 was from the Coincheck hack and more than half of the 2020 amount resulted from the KuCoin hack.

24. Telegram was ordered to pay $1.2 billion to investors

Telegram’s 2018 ICO was met with skepticism from the get-go, and although there was no admission of wrongdoing, Telegram did end up having to pay investors over $1.2 billion in June 2020. At the same time, a civil penalty of $18.5 million was also imposed. Charges centered around the fact that Telegram did not register its early sale of “Grams” tokens worth $1.7 billion.

25. 20 percent of the existing bitcoin is considered lost

According to Chainalysis, 20 percent of the roughly 18.5 million bitcoin in existence has not moved from its respective addresses in five years or more. It considers this 3.7 million bitcoin (worth around $207 billion at the time of writing) as lost.

Infographic showing where bitcoin has gone.
Source: Chainalysis

And that’s not too difficult to believe when you consider some of the stories circulating. For example, Stefan Thomas, a software developer who is heavily involved in the world of cryptocurrency, is missing a good chunk of coin. For years, he has been trying to figure out the password to his IronKey which holds 7,002 bitcoin (worth around $392 million).

Across the pond in the UK, IT worker James Howells has even tried digging up a landfill site to find his hard drive containing a digital wallet housing 7,500 bitcoins. He threw away the drive back in 2013 when the coins were essentially worthless.

FAQs about Bitcoin fraud, theft, and security

What are some red flags of Bitcoin fraud?

There are several things to look out for to recognize Bitcoin fraud. These include:

  • Suspicious or unusual activity on a Bitcoin wallet
  • Unexplained or sudden changes in transaction history
  • Receiving requests for payment in Bitcoin from unfamiliar or untrust

What is Bitcoin theft?

Bitcoin theft is the unauthorized taking of Bitcoin from a digital wallet. This can happen through several means, including hacking into a Bitcoin exchange or service or simply stealing a user's private key. In either case, the result is the same: the loss of Bitcoin for the victim.