• Reuters


Criminals may already have made off with $500 million worth of bitcoins since the virtual currency was launched in 2009 — and you can double that if they emptied Mt. Gox’s coffers.

Internet criminals, security experts say, are attracted to bitcoins because of their stratospheric rise in value, because they are easier to steal than real money and because they are easier to trade with other criminals. But, they add, bitcoin will survive the damage.

“It’s just growing pains,” said Keith Jarvis, a security researcher at Dell SecureWorks. “Bitcoin is large enough and has enough momentum behind it to survive any public relations damage from this (Mt. Gox) case or anything else.”

The fall of Mt. Gox, the Tokyo-based exchange that filed for bankruptcy last month after saying it had lost some 850,000 bitcoins to hackers, is certainly the virtual currency’s biggest crisis.

But data collated by Reuters from specialist bitcoin industry websites and Internet forums show that more than 730,000 bitcoins were already missing to theft, hacking, ransom payments and other apparently criminal pursuits before Mt. Gox’s collapse. That is nearly 6 percent of all bitcoins — and does not include dozens, and possibly hundreds, of unreported cases of individuals who have lost bitcoins from their computers or online exchanges to hackers.

There is no way of telling who has these missing bitcoins, or whether they were converted to real money when the price was much lower. And some bitcoins may have been counted twice if criminals stole them from each other or they were put back into circulation and stolen again.

But there is no question that bitcoins have attracted the attention of criminals as a currency and as an asset worth stealing.

A study by Pat Litke and Joe Stewart of Dell SecureWorks showed that as the price of a bitcoin soared beyond $1,000 last year, so did the number of viruses designed to steal bitcoins from wallet programs that hold bitcoins on a user’s computer or smartphone. Of the 140 types of such software, more than 100 appeared in the past year.

Writing such viruses, said Stewart, is easy. “There’s no sophistication involved in the storage of bitcoin in wallets. As for malware, it’s some of the easiest stuff to write.”

This cyber-pocket picking wasn’t criminals’ first foray into bitcoins. Initially, they focused on using their control of large networks of infected computers — called botnets — to make their own bitcoins.

Bitcoins are created through a “mining” process in which a computer’s resources are used to perform millions of calculations. For a while, says Kirill Levchenko, a researcher at the University of California, San Diego, criminals added malware to their botnets to turn infected computers into bitcoin miners.

This triggered predictions of doom for the bitcoin — that the criminals would take over the mining of bitcoins through botnets and bring the whole currency crashing down. But as bitcoins become harder to mine — according to an algorithm that slows down their production as more people try to create them — this approach has proven less profitable.

In 2012-13, says Danny Huang, another researcher at the University of California, San Diego, they earned at least 4,500 bitcoins, a relatively small sum compared with the total produced. “Few botnets are mining bitcoins now,” he said.

Instead, they have turned to stealing them from wallets or, more lucratively, from exchanges.

According to data compiled last year by academics Tyler Moore and Nicholas Christin, 18 out of 40 exchanges tracked had closed, with customer balances wiped out in many cases — not always due to fraud. Since then, according to public reports, more than a dozen others have been hacked.

Criminals have also made use of the ease with which bitcoins can be traded without any third party — such as a bank or online payment service — to use it as at least one way of paying for services between themselves.

“Bitcoin made it much easier for them, because they have to trust each other even less. Even complete strangers can cooperate,” said Juraj Bednar, a bitcoin security expert in Slovakia.

But while bitcoin has its advantages, it is not a perfect tool for the bad guys.

Take, for example, “ransomware.” Viruses that encrypt users’ data and then demand payment for a key to unlock it have become increasingly sophisticated, says Jarvis.

The most successful is CryptoLocker, which Jarvis believes is run by a Russian-speaking gang who are also behind a botnet called Gameover Zeus, which targets financial websites.

Bitcoin often appears on CryptoLocker as an option for victims to pay up. Its appeal, says Bednar, lies in the fact that it needs no third party for the transaction to work.

But there have been problems.

For one thing, the type of user to be infected by a virus wasn’t likely to be the type who is technologically savvy enough to be familiar with bitcoin. Also, as bitcoins rose in value, they have become a more expensive option for the victim, forcing the criminals to lower their bitcoin ransom demands to match prevailing exchange rates.

Then there is bitcoins’ transparency. All transactions are visible, and while they are just digits and letters, in theory they could be connected to an individual, and the entire history of all the bitcoin’s transactions could be traced.

Ironically, the success that some criminals have had in stealing bitcoins has made it less appealing to the underworld. Daniel Cohen of RSA, the security division of EMC Corp., said his team monitoring underground forums has noticed criminals lately see bitcoins as “volatile, seizable and, with the recent thefts, unsafe.”

In a time of both misinformation and too much information, quality journalism is more crucial than ever.
By subscribing, you can help us get the story right.