Bitcoin: The FBI Warns About Hacking Of Crypto ETFs

Bitcoin and its crypto companions are never safe, but this time, the alert is serious. The FBI has sounded the alarm, denouncing North Korean hackers targeting companies involved in crypto funds. Between massive capital flows and security flaws, cybercriminals are never far, and crypto ETF assets could very well be the next target.

Bitcoin and the threat of North Korean hackers

Through hacking, North Korea seems to defy the world. And the FBI doesn’t mince words. North Korean hacker groups, starting with the infamous Lazarus Group, seem to have set their sights on Bitcoin ETFs. With more than $15 billion injected into these funds since July 2024, the assets under management represent a real treasure for these cyber brigands.

The hitch? A large part of these funds lacks any insurance against theft, enough to make the nightmare very real if a hack were to succeed.

Imagine for a moment: a successful attack on a Bitcoin and Ether ETF, and the entire crypto market plunges into panic. As security expert Jameson Lopp explains: “If an ETF is hacked, expect it to drop to zero immediately.“

Behind this threat lies a worrying reality for investors, often blinded by the allure of profits without considering the risks. And what if a flaw were revealed? A series of liquidations, and there you go, the domino effect. Billions would evaporate, taking with them the confidence of an already fragile market.

• Since July 2024, more than $15 billion invested in Bitcoin ETFs;
• The majority of these funds are not insured;
• North Korean hackers, on the lookout for security flaws.

Crypto hacking: vulnerabilities in ETFs to watch

While crypto ETFs seem to be a great invention, they still need to be well secured. The problem is that the management of fund keys is not always flawless. As explained by Steven Walbroehl, cybersecurity expert, the fact that the majority of funds are managed by a single entity poses a huge risk.

In the event of a security breach at this entity, the whole system can collapse. No clear regulation exists to set standards for the security of crypto ETFs, leaving an open door for hackers.

Fidelity, the only fund manager to have opted for self-securing, stands out. For Jameson Lopp, it’s the best strategy: “Every ETF should do the same to secure its own assets and avoid relying on an opaque third party.“

But the others? By delegating management to external partners, often opaque, managers take the risk of entrusting their assets to what might be called a “black box.” That’s where hackers rub their hands, ready to pounce on the slightest opportunity.

Diversifying custodians could be a solution, but it’s not without risks. Too many cooks spoil the broth, as they say. More intermediaries also mean more complexity and additional risks related to the transfer of assets. So, it’s difficult to find the perfect recipe for securing these mountains of crypto.

Faced with the threat from North Korean hackers, the United States, through the FBI, remain on high alert. In 2022, they even revealed to the public the Lazarus Group’s crypto hacking technique.