Roughly $1.1 billion worth of cryptocurrency was stolen in the first half of 2018, and unfortunately for owners, it's pretty easy to do, according to cybersecurity company Carbon Black.
Criminals use what's known as the dark web to facilitate large-scale cryptocurrency theft. There are now an estimated 12,000 marketplaces and 34,000 offerings related to cryptotheft for hackers to choose from, the company said in a study released Thursday.
"It's surprising just how easy it is without any tech skill to commit cybercrimes like ransomware," Carbon Black Security strategist Rick McElroy told CNBC. "It's not always these large nefarious groups, it's in anybody's hands."
The necessary malware, which McElroy said even occasionally comes with customer service, costs an average of $224 and can be priced as low as $1.04. That marketplace has emerged as a $6.7 million economy, according to the study.
The dark web is a part of the World Wide Web accessible only through special software. It lets users remain anonymous and largely untraceable.
"You just have to able to log in and be able to buy the thing — you can call customer support and they'll give you tips," McElroy said.
Thefts can come from organized cartels or crime groups extorting exchanges and companies. But it is often as simple as a highly trained but unemployed engineer looking to make extra cash.
"You have nations that are teaching coding, but there's no jobs," McElroy said. "It could just be two people in Romania needing to pay rent."
As the price of bitcoin skyrocketed more than 1,300 percent last year, new buyers flooded the market. Unlike banks, cryptocurrency is typically not protected or insured by a third party, which first-time investors might not know.
"Usually we rely on banks, the tools are out there but investors need to know how to do this," McElroy said. "A lot of people are unaware in this new gold rush, people are using cloud wallets and not securing their money."
Exchanges were the most popular target for cybercriminals, making up 27 percent of attacks this year.
Tokyo-based Mt.Gox, the largest bitcoin exchange at the time, was the first high-profile hack in cryptocurrency history. It filed for bankruptcy in 2014 and said it lost 750,000 of its users' bitcoins and 100,000 of the exchange's own. This January, hackers stole $530 million worth of a lesser-known cryptocurrency called NEM from Japanese exchange Coincheck. In December, a South Korean cryptocurrency exchange called Youbit lost 17 percent of its digital assets and its parent Yapian later filed for bankruptcy.
Businesses were the second most vulnerable group, making up 21 percent of those hacked. In many cases, criminals hack the internal system of these companies and demand cryptocurrency as a ransom. Carbon Black said it could not provide company names because some of the incidents were not public. In the U.S. companies don't have to report a ransomware incident because it does not involve a loss of personal data.
Hackers often demand payment in cryptocurrency yet bitcoin does not seem to be the top choice. It accounted for only about 10 percent of the targeted cryptocurrencies, while ethereum made up 11 percent.
Criminals appear to prefer monero. The lesser-known cryptocurrency was used in 44 percent of all attacks because of its privacy and its difficulty to trace compared with bitcoin, Carbon Black said. It also has relatively low transaction fees.
The United States was the most vulnerable country, with 24 crypto-related attacks. China was next with 10, and the U.K. came in third with eight.