In December 2018, the CEO of Canada’s major cryptocurrency exchange, QuadrigaCX, allegedly died of Crohn’s disease while in India without telling anybody the password for his storage wallet.
Oh, really? Funny, that. Experts say that Crohn’s is hardly likely to kill an otherwise healthy 30-year-old. Nor was there an autopsy. Or, apparently, a body. It’s also odd that days earlier, Gerry Cotten made out a will leaving everything to his wife. And that Ernst & Young used public blockchain records to review the transactional activity of the six identified cold wallets set up by Cotten, where his wife claims the assets were locked up without access to the password keys, and found that they’d been emptied of $137m.
And, well, you can see where this is headed: straight into the likelihood that it was one of the year’s most scorching exit scams.
CipherTrace analysts think it’s highly unlikely to be anything but fraud, theft or foul play, they noted in the company’s 2019 Q1 Cryptocurrency Anti-Money Laundering Report. Gerry Cotten probably isn’t really six feet under, they suggest. Rather, he could have slipped underground in another way entirely as he and his “widow” actually work to launder a total of nearly $195m worth of customers’ funds.
We’ll likely never know what really happened. But we do know that the lost QuadrigaCX funds have added to a total estimated US$356 million stolen (stolen or “lost,” if you buy the death-by-Crohn’s story) from exchanges and cryptocurrency infrastructure during the first quarter of 2019.
According to CipherTrace, which develops cryptocurrency and blockchain tracing and security capabilities, that figure could swell further still, given that the New York Attorney General last month accused cryptocurrency exchange Bitfinex and cryptocurrency Tether of an $850m fraud. If the allegations bear out, the total losses in Q1 will be more than $1.2 billion.
The increasingly varied ways for funds to go POOF!
Suspicious death in a foreign land; the disappearance of a Norwegian billionaire’s wife by alleged kidnappers who purportedly demanded about 1% of all existing Monero funds in exchange for her release (she was last seen alive in October 2018); a spike in cross-border payments from US exchanges to offshore exchanges that fall off the radar of US authorities: these are just some aspects of the current landscape of cryptocurrency crime, CipherTrace says.
They are not without repercussions. Ironically enough for those who got into cryptocoins for the lack of regulation, these crimes are ushering in what CipherTrace calls a “tsunami” of regulation. We’re looking at tough new global anti-money laundering and counter-terror financing regulations that will steamroll the crypto landscape in the coming year, according to its analysts.
While nations such as Iran and Russia are looking to roll out their own currencies in an effort to avoid sanctions or are looking to attract crypto businesses to foster economic growth, others are trying to get a grip on the downside, including extortion, kidnapping, money laundering and terrorist financing potential of crypto assets.
Some examples:
- The Finance Committee of France’s National Assembly in March published a report about crypto assets and blockchain technology. In it, the committee proposed a complete ban on privacy coins.
- The Bank of Mexico proposed banning financial institutions from transacting with crypto exchanges, citing money laundering and terror financing risks.
- In light of the huge losses suffered by users of QuadrigaCX, regulators in Canada and around the world are looking for input on how to regulate cryptocurrency exchanges.
Crime + consequences = Quid pro quo for lack of regulation?
With these kind of crimes and losses, it’s not surprising that regulators are getting ready to march. But it’s worth noting that the total market capitalization for cryptocoins is about $177 billion, which put the 2019 Q1 thefts at roughly 0.2% of the total value of cryptocoins.
Granted, that’s not nothing. And also granted, CipherTrace didn’t take into account some thefts, such as North Korean state-backed hackers having successfully breached at least five cryptocurrency exchanges in Asia between January 2017 and September 2018, causing $571 million in losses, as the UN Security Council reported on 6 March.
…but still, it’s a small percentage. It’s also worth remembering that averages are made up of peaks and troughs. Most of the value of the thefts came from the total plundering of a few big exchanges, which likely means that while cryptocurrency overall might lose 0.2% to theft, people don’t.
The risks of sticking funds onto somebody else’s computer
Many might not lose anything at all to these and other forms of theft, while some might lose everything. Those are the risks we take with cryptocurrency exchanges, which are, as we’ve mentioned before, Just Another Website and therefore unaffected by the magical un-crackability of cryptocurrency crypto.
Cryptocurrency exchanges are websites where such currencies are bought, sold and stored. For Bitcoin and its ilk, they’re a soft and vulnerable underbelly. Like “the cloud,” an “exchange” is just another name for “somebody else’s computer.” You know next to nothing about the quality of that computer, or the ethics of the person operating it.
To help keep funds safe – at least from online threats, if not from kidnappers and other real-life criminals – don’t leave crypto-assets in a hot wallet. Instead, put the bulk of it in cold storage. Just make sure to figure out a way to securely give someone else the password after you die, in case you really do pass away unexpectedly, somewhere, sometime, be it overseas or in your own bed.