The year 2018 marked a pivotal moment in the evolution of blockchain technology. While public interest in cryptocurrencies surged, so did the frequency and severity of security threats targeting this emerging ecosystem. Based on a comprehensive analysis by Tencent Security Lab and Knownsec, this report dives into the most critical blockchain-related security incidents from the first half of 2018, identifies major threat vectors, and offers actionable strategies to help users and organizations avoid costly risks.
Rising Value, Rising Risks in the Blockchain Space
Digital Currencies Reach $600 Billion Market Peak
Digital cryptocurrencies—decentralized, algorithmically generated assets—grew to command a peak market capitalization of $600 billion in early 2018. Bitcoin and Ethereum alone accounted for over two-thirds of this value, with Bitcoin holding 46.66% and Ethereum 20.12%. Despite the impressive valuation, the market was flooded with low-quality or outright fraudulent tokens, commonly referred to as "air coins"—projects with no real utility or backing.
The surge in value attracted not only investors but also cybercriminals seeking quick profits through theft, fraud, and exploitation.
Security Breaches Skyrocket in Frequency and Scale
Security incidents involving blockchain and digital currencies have increased year over year, both in volume and financial impact. In the first half of 2018 alone, cybercriminals stole approximately $1.1 billion worth of digital assets—a stark warning of the vulnerabilities inherent in this space.
Notable breaches include:
- Coincheck (January 2018): Lost $534 million in NEM tokens.
- Bithumb (Multiple Attacks): Suffered three major breaches, including a $30 million loss in June.
- Coinrail (June 2018): Lost over $50 million after a system intrusion.
These events highlight a troubling trend: as blockchain adoption grows, so does its attractiveness to malicious actors.
Understanding Blockchain Security Threats
Security risks in the blockchain ecosystem can be categorized into three main areas: blockchain mechanism vulnerabilities, ecosystem weaknesses, and user-related risks.
1. Blockchain Mechanism Vulnerabilities
Even the most secure blockchain protocols are not immune to exploitation under certain conditions.
51% Attacks and Double-Spending
A 51% attack occurs when a single entity gains control over more than half of a network’s mining power, enabling them to manipulate transaction records. In May 2018, Bitcoin Gold (BTG) fell victim to such an attack. Hackers executed a double-spend, withdrawing 388,000 BTG from exchanges and erasing the transaction history, resulting in $18.6 million in losses.
This event proved that smaller-cap cryptocurrencies with lower hash rates are particularly vulnerable to this type of attack.
2. Ecosystem-Level Security Risks
The broader blockchain infrastructure—including exchanges, wallets, and mining pools—is often a softer target than the underlying protocol.
Exchange Hacks
Cryptocurrency exchanges are prime targets due to the large volumes of funds they hold. In March 2018, Binance experienced a sophisticated phishing campaign where hackers obtained user credentials and manipulated trading activity—driving up the price of VIA coin by 110x while dumping Bitcoin.
DDoS and DNS Hijacking
Distributed Denial-of-Service (DDoS) attacks frequently disrupt exchange operations, while DNS hijacking redirects users to fake websites to steal login credentials or wallet information.
Wallet and Mining Pool Vulnerabilities
Many users store funds in online or mobile wallets that lack robust security. Additionally, mining pools face risks from unauthorized access and malware infiltration, potentially compromising the integrity of mining operations.
3. User-Related Security Risks
Human error remains one of the weakest links in blockchain security.
Poor Private Key Management
Losing or exposing private keys can result in irreversible fund loss. Unlike traditional banking systems, there is no "forgot password" option in crypto—once keys are compromised, recovery is nearly impossible.
Phishing and Social Engineering
Attackers often impersonate legitimate services via fake websites or emails. In one case, a user lost over 100 ETH after a friend gained access to their imToken wallet through social manipulation.
Top Cybersecurity Threats in the Crypto World
1. Ransomware Targets Critical Infrastructure
Ransomware emerged as one of the most damaging threats in early 2018, with attacks increasingly focused on enterprise systems rather than individual users.
Major Ransomware Families
- GlobeImposter: Encrypted files and demanded payment in Bitcoin, often targeting healthcare institutions.
- Crysis: Exploited weakly secured Remote Desktop Protocol (RDP) services to infiltrate servers.
- GandCrab: A rapidly evolving strain that used multiple propagation methods, including phishing emails and exploit kits.
Trends in Ransomware Evolution
- Targeting Enterprises: Hospitals, government agencies, and educational institutions became primary targets due to their reliance on data continuity.
- Higher Ransoms: Some demands exceeded 9.5 BTC, reflecting attackers' confidence in payment likelihood.
- Sophisticated Encryption: Attackers began encrypting databases, backups, and even boot sectors—making recovery without payment extremely difficult.
- Ransomware-as-a-Service (RaaS): A growing underground market now offers ransomware tools and negotiation services for a cut of the profits.
2. Cryptojacking: The Rise of Mining Malware
Cryptojacking—the unauthorized use of computing resources to mine cryptocurrency—became the most widespread cyber threat in 2018.
How Mining Malware Spreads
- Game Hacks and Cracked Software: Malware was embedded in tools for popular games like PUBG and Knives Out. One campaign infected up to 200,000 machines, mining coins like Monero (XMR) and DigiByte (DGB).
- Web-Based Mining (In-Browser): Sites like CoinHive allowed website owners to embed JavaScript miners. While some used it ethically, many deployed it covertly—especially on adult content sites.
- Server Takeovers: Hackers exploited vulnerabilities like EternalBlue, Redis misconfigurations, and Apache Struts flaws to compromise enterprise servers and build massive mining botnets.
One notable case involved the PhotoMiner malware, which generated over 89 million RMB (~$12.5 million) in Monero by hijacking thousands of servers.
Mining Trends in Late 2018
Despite falling crypto prices, mining malware activity remained high due to:
- Low operational costs (no hardware investment).
- High return on compromised enterprise infrastructure.
- Increased stealth techniques using rootkits and process injection.
3. Exchange Attacks: A Lucrative Target
Hackers continued to target exchanges for direct access to large pools of digital assets. In the first half of 2018, total losses from exchange breaches reached approximately $700 million.
Common attack vectors include:
- Phishing campaigns to steal login credentials.
- Insider threats, as seen in India’s CoinSecure breach.
- Exploitation of smart contract bugs (e.g., BEC token overflow vulnerability).
Frequently Asked Questions (FAQ)
Q: What is a 51% attack?
A: It occurs when a single entity controls over half of a blockchain’s computational power, allowing them to reverse transactions and double-spend coins. Smaller networks like Bitcoin Gold are especially vulnerable.
Q: How can I protect my cryptocurrency wallet?
A: Use hardware wallets for long-term storage, enable two-factor authentication (2FA), avoid sharing private keys, and verify website URLs before entering credentials.
Q: Is cryptojacking dangerous even if it doesn’t steal my funds?
A: Yes. It degrades system performance, increases electricity costs, shortens hardware lifespan, and may indicate deeper system compromises.
Q: Can ransomware encrypt my cryptocurrency wallet?
A: While ransomware typically targets files, if your wallet file is stored locally and unencrypted, it can be locked—preventing access unless you pay the ransom or have backups.
Q: Are all ICOs scams?
A: No, but many lack transparency or realistic roadmaps. Always research the team, technology, and whitepaper before investing.
Q: How do I know if my computer is mining cryptocurrency without my consent?
A: Watch for high CPU/GPU usage, overheating devices, loud fans, or sluggish performance—especially when browsing certain websites or using cracked software.
Practical Security Recommendations
For Individuals:
- Use reputable antivirus software (e.g., Tencent PC Manager).
- Avoid downloading cracked software or game cheats.
- Enable ad-blockers and anti-cryptomining extensions (e.g., NoCoin).
- Store private keys offline—preferably on hardware wallets like Ledger or Trezor.
For Enterprises:
- Patch known vulnerabilities (e.g., EternalBlue, Redis).
- Monitor DNS requests for connections to known mining pools.
- Deploy endpoint protection and network intrusion detection systems.
- Conduct regular security audits of web applications and APIs.
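One way to implement the DNS monitoring recommendation above, shown as an added example that is not part of the original report. The log format, the client addresses, and the blocklist domains are all constructed placeholders; a real deployment would load pool domains from a maintained threat-intelligence feed.

```python
from collections import defaultdict

# Constructed blocklist: placeholder names, not real mining pools.
MINING_POOL_SUFFIXES = {"pool.example.net", "xmr-mine.example.org"}

# Constructed resolver log lines: "<timestamp> <client_ip> <qname> <qtype>"
SAMPLE_LOG = """\
2018-06-01T02:14:07Z 10.0.4.21 stratum.pool.example.net. A
2018-06-01T02:14:09Z 10.0.4.21 EU.Pool.Example.NET A
2018-06-01T02:15:30Z 10.0.7.88 www.example.com A
2018-06-01T02:16:02Z 10.0.7.88 notpool.example.net A
2018-06-01T02:17:45Z 10.0.9.5 xmr-mine.example.org AAAA
malformed line
"""

def matched_suffix(qname, suffixes):
    """Return the blocklisted domain that qname equals or is a subdomain of.
    Matching is done on whole labels, so 'notpool.example.net' does not
    match 'pool.example.net'."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in suffixes:
            return candidate
    return None

def find_mining_clients(log_text, suffixes=MINING_POOL_SUFFIXES):
    """Map each client IP to a count of queries per blocklisted domain."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that do not fit the assumed format
        _timestamp, client, qname, _qtype = fields
        suffix = matched_suffix(qname, suffixes)
        if suffix:
            hits[client][suffix] += 1
    return {client: dict(counts) for client, counts in hits.items()}

if __name__ == "__main__":
    for client, counts in sorted(find_mining_clients(SAMPLE_LOG).items()):
        print(client, counts)
```

Hosts that appear in the result are candidates for endpoint triage; DNS matches alone miss miners that connect by IP address or through a proxy, so this complements rather than replaces endpoint protection.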
For Developers:
- Audit smart contracts before deployment.
- Implement multi-signature wallets for fund storage.
- Use secure coding practices to prevent overflow and reentrancy attacks.
Conclusion
The first half of 2018 revealed that while blockchain technology holds transformative potential, its security landscape remains fraught with danger. From high-profile exchange hacks to widespread cryptojacking campaigns, attackers are becoming more sophisticated and targeted.
Staying safe requires vigilance at every level—technical, organizational, and personal. By understanding the evolving threat model and adopting proactive defenses, users and businesses can navigate the blockchain space with greater confidence and resilience.