A new study conducted by multinational professional service firm, Ernst & Young, states that hackers have stolen approximately $400 million in cryptocurrency from ICOs.
ICOs or initial coin offerings is an unregulated form of crowdfunding aimed to raise capital for new cryptocurrency ventures.
The Ernst & Young report estimated that over 10 percent of all funds accumulated in ICOs have been lost or stolen. This equates to an estimated $400 million in cryptocurrency from $3.7 billion, obtained between 2015 and 2017. The funds were raised by 372 ICOs from around the world.
“Hackers are attracted by the rush, absence of a centralized authority, blockchain transaction irreversibility, and information chaos,” the report notes.
According to Ernst & Young, cyberattackers take advantage of on the appeal that ICOs have, specifically their lack of security as project founders focus more on attracting investors.
The report obtained the data from exchange reports, news sites, interviews, blockchain network scanners, and ICO trackers.
ICOs are considered an easy way to raise capital especially for start-ups that may have been ignored by venture capitalists. However, this form of financing has little to no regulation.
Hackers were able to steal an average of $1.5 million per month through ICOs. The report pinpointed several means through which hackers can steal ICO funds including phishing, Distributed-Denial-of-Service (DDoS) attacks, employee attacks, direct website compromise, and exchange hacking.
Paul Brody, Ey Global Innovation Blockchain Leader, believes that continued ICO use will only make the platforms more popular. This would saturate the market with “quality over quality of investments”.
US Securities and Exchange Commision (SEC) regulator, Jay Clayton, cautioned businesses not to offer ICOs without regulatory backing and expertise.
The SEC recently exposed a scam made by an ICO named PlexCoin that managed to raise $15 million by promising 13 times more profit in less than a month.