The year 2018 marked a turning point for blockchain technology—widespread adoption, soaring interest, and an explosion in digital asset value. However, this growth also attracted a wave of cyber threats targeting the blockchain ecosystem. Based on a comprehensive analysis by Tencent Security Lab and Knownsec, this report outlines the major security risks that emerged in the first half of 2018 and provides actionable strategies to protect users and organizations.
The Rising Value of Digital Currencies and Escalating Security Risks
Digital cryptocurrencies, powered by decentralized algorithms rather than government-backed fiat systems, reached a combined market capitalization of over $600 billion at their peak. Bitcoin and Ethereum alone accounted for more than two-thirds of this value. With such high stakes, malicious actors increasingly targeted vulnerabilities across the blockchain landscape.
According to Carbon Black, approximately $1.1 billion worth of digital assets were stolen globally during the first six months of 2018. These losses underscore a troubling trend: as blockchain gains mainstream traction, so do the sophistication and frequency of attacks.
To combat these threats, the China Blockchain Security Alliance was formed in June 2018, uniting government bodies, cybersecurity firms, and blockchain institutions to promote ethical development and counter fraud, phishing, and illegal fundraising schemes disguised as blockchain innovation.
Major Categories of Blockchain Security Threats
Security incidents in the blockchain space can be grouped into three core areas:
- Blockchain Mechanism Vulnerabilities: Flaws inherent in protocol design, such as 51% attacks or smart contract bugs.
- Ecosystem Weaknesses: Risks arising from third-party services like exchanges, wallets, and mining pools.
- User-Related Risks: Poor security practices by individuals, including weak password management and phishing susceptibility.
Together, these categories accounted for over $2.7 billion in losses during H1 2018 alone.
1. Threats Stemming from Blockchain Mechanisms
One of the most notable incidents involved Bitcoin Gold (BTG) in May 2018, when attackers executed a successful 51% double-spending attack, stealing approximately $18.6 million worth of BTG.
In a 51% attack, a malicious entity gains control over more than half of a network’s computational power, enabling them to manipulate transaction history. By creating an alternate blockchain branch, attackers can reverse transactions after cashing out on exchanges—effectively spending the same coins twice.
This event highlighted the vulnerability of smaller cryptocurrencies with less distributed mining power, making them prime targets for such exploits.
2. Ecosystem-Driven Security Incidents
The broader blockchain ecosystem—including exchanges, wallets, and mining infrastructure—is often more vulnerable than the underlying technology itself.
Exchange Hacks and Market Manipulation
Cryptocurrency exchanges have become prime targets due to the large volumes of funds they hold. In early 2018:
- Coincheck (Japan): Lost $534 million in NEM tokens due to inadequate cold storage practices.
- Binance: Suffered a coordinated phishing campaign where hackers accessed user accounts and manipulated trading activity to artificially inflate VIA coin prices by 110x.
- Bithumb (South Korea): Experienced its third major breach, losing $30 million in digital assets.
These breaches reveal systemic weaknesses in authentication protocols, internal monitoring, and emergency response mechanisms.
DDoS Attacks and DNS Hijacking
Beyond direct theft, many platforms face disruption via DDoS attacks or DNS hijacking. For example:
- Multiple exchanges reported service outages due to overwhelming traffic floods.
- Wallet addresses have been silently redirected through DNS poisoning, causing funds to be sent to attacker-controlled accounts without users’ knowledge.
3. User-Facing Security Risks
Even with robust infrastructure, individual users remain the weakest link.
Common threats include:
- Phishing scams mimicking legitimate wallet or exchange websites.
- Malware infections that steal private keys or modify wallet addresses during transactions.
- Poor key management, leading to irreversible loss of funds.
A case in 2017 saw a user lose 188 BTC after malware infiltrated their system—equivalent to nearly $2.8 million at the time.
Three Major Cybersecurity Threats Behind the Blockchain Boom
1. Ransomware Targeting Critical Infrastructure
Ransomware remained one of the most damaging cyber threats in H1 2018, particularly targeting enterprise systems running Windows Server—especially older versions like Windows Server 2008.
Top Ransomware Families
- GlobeImposter: Encrypted files and renamed them with extensions like .GOTHAM or .TRUE, demanding Bitcoin payments.
- Crysis: Spread through brute-force attacks on remote desktop protocols (RDP), often targeting unpatched servers.
- GandCrab: A rising threat that evolved rapidly across four versions, using advanced obfuscation techniques and demanding payment in Dash or Bitcoin.
Emerging Trends in Ransomware
- Increased targeting of enterprises, hospitals, and government agencies.
- Faster iteration cycles, with new variants released within days of prior versions being neutralized.
- Higher ransom demands, with some victims asked to pay up to 9.5 BTC.
- Broader encryption scope, now including databases, backups, and boot sectors.
- Emergence of "ransomware negotiation" black-market services, where third parties broker data recovery deals between victims and attackers.
2. The Rise of Mining Malware
Cryptojacking—unauthorized use of computing resources for cryptocurrency mining—became the most widespread form of malware in 2018.
Key Characteristics
- Uses CPU/GPU resources silently, causing performance degradation and overheating.
- Often spreads via:
  - Infected software installers (e.g., game cheats for PUBG or Knives Out).
  - Malvertising through ad networks.
  - Compromised websites embedding scripts like Coinhive.
In one case, a mining botnet dubbed PhotoMiner exploited FTP and SMB vulnerabilities to hijack enterprise servers, generating over 80,000 XMR (Monero)—worth nearly $89 million RMB.
Distribution Channels
- Gaming communities: High-performance machines ideal for mining.
- Adult websites: Long visitor dwell times increase mining yield.
- Enterprise servers: Always-on systems with powerful hardware.
Mining activity correlates strongly with cryptocurrency prices—when coin values rise, so does malware propagation.
3. Exchange Attacks: Digital Heists on the Rise
Hackers stole around $700 million from exchanges in the first half of 2018 through various methods:
| Attack Type | Example |
|---|---|
| Direct Exchange Breach | Coincheck ($534M), Coinrail ($50M) |
| Account Takeover | Binance phishing incident |
| Internal Theft | CoinSecure (suspected insider theft) |
| Smart Contract Exploits | BEC token overflow bug (579 billion tokens minted) |
Smart contract vulnerabilities are especially dangerous. In April 2018, a flaw in the BEC (BeautyChain) contract allowed attackers to exploit integer overflow, creating massive unauthorized token transfers—a flaw later replicated in the SMT token.
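The overflow class described above can be reproduced with a small model of 256-bit unsigned arithmetic. This is an added example, not the BEC contract's code: the batch_transfer function, its parameters and the ledger are hypothetical, and the checked flag puts the hardened form beside the vulnerable one.

```python
UINT256_MAX = 2**256 - 1  # EVM words are 256 bits; Solidity before 0.8 wrapped silently

def mul(a: int, b: int, checked: bool) -> int:
    """uint256 multiplication: wraps when unchecked, raises when checked."""
    product = a * b
    if checked and product > UINT256_MAX:
        raise OverflowError("uint256 multiplication overflow")
    return product & UINT256_MAX

def batch_transfer(balances, sender, receivers, value, checked):
    """Hypothetical token method: send `value` to every receiver.

    Returns the total supply afterwards so the caller can test the
    invariant that a transfer never creates tokens.
    """
    amount = mul(len(receivers), value, checked)  # the overflow point
    if not receivers or value == 0 or balances.get(sender, 0) < amount:
        raise ValueError("transfer rejected")
    balances[sender] = balances.get(sender, 0) - amount
    for r in receivers:
        balances[r] = (balances.get(r, 0) + value) & UINT256_MAX
    return sum(balances.values())

def demo():
    """Constructed scenario: a sender holding zero tokens, two receivers."""
    huge = 2**255  # 2 * 2**255 == 2**256, which wraps to 0
    vulnerable = {"sender": 0}
    supply_after = batch_transfer(vulnerable, "sender", ["r1", "r2"], huge, checked=False)
    hardened = {"sender": 0}
    try:
        batch_transfer(hardened, "sender", ["r1", "r2"], huge, checked=True)
        blocked = False
    except OverflowError:
        blocked = True
    return supply_after, blocked, hardened

if __name__ == "__main__":
    supply, blocked, ledger = demo()
    print("supply created by unchecked call:", supply)
    print("checked call blocked:", blocked, "ledger:", ledger)
```

An audit or fuzz test can assert the same invariant directly: total supply before and after any transfer call must be equal.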
Frequently Asked Questions (FAQ)
Q: What is a 51% attack and why is it dangerous?
A: A 51% attack occurs when a single entity controls over half of a blockchain’s mining power. This allows them to reverse transactions, enabling double-spending. It’s particularly risky for smaller networks with concentrated hash rates.
Q: How can I protect my cryptocurrency wallet from theft?
A: Use hardware wallets for long-term storage, enable two-factor authentication (2FA), avoid suspicious downloads, and never share your private keys. Regularly scan your device for malware using trusted antivirus software.
Q: Are all crypto-related websites safe to visit?
A: No. Many sites—especially adult or pirated software portals—host cryptojacking scripts. Always use browser extensions that block mining scripts and keep your system updated.
Q: Can ransomware really affect cryptocurrency users?
A: Absolutely. If your wallet files are stored on an infected machine, ransomware can encrypt them. Without backups, you may lose access to your funds permanently—even if you don’t pay the ransom.
Q: Is cloud mining safe from malware threats?
A: Not inherently. Cloud servers are frequent targets due to their processing power. Organizations must patch known vulnerabilities (e.g., EternalBlue, Redis misconfigurations) and monitor unusual outbound traffic to detect cryptojacking.
Q: Why are exchanges frequently targeted?
A: Exchanges hold vast amounts of digital assets in hot wallets for liquidity. Poor security practices—like lack of multi-signature authentication or insufficient monitoring—make them attractive targets for hackers.
Practical Security Recommendations
For individual users:
- Install reputable antivirus software (e.g., Tencent PC Manager).
- Avoid cracked software, cheat tools, or unknown browser extensions.
- Use hardware wallets like Ledger or Trezor for storing significant holdings.
- Regularly back up wallet data offline.
For enterprises and website operators:
- Patch all known system vulnerabilities promptly.
- Deploy enterprise-grade firewalls and intrusion detection systems.
- Monitor DNS settings and outbound traffic for signs of hijacking or cryptojacking.
- Educate employees about phishing and social engineering tactics.
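One way to act on the outbound-traffic recommendation is to look for the JSON-RPC handshake that mining clients send to a pool. The sketch below is an added example, not from the original report: the pool protocol (Stratum) and its method names are not mentioned in the report, and the log format, hosts and addresses are constructed sample data.

```python
import json
from collections import defaultdict

# Method names used by Stratum-style pool protocols (Bitcoin-family variant).
STRATUM_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit"}

# Constructed sample: "<src> <dst:port> <first payload line>" from an egress sensor.
SAMPLE = [
    '10.0.4.17 203.0.113.9:3333 {"id":1,"method":"mining.subscribe","params":["agent/1.0"]}',
    '10.0.4.17 203.0.113.9:3333 {"id":2,"method":"mining.authorize","params":["w","x"]}',
    '10.0.7.30 198.51.100.4:443 {"id":1,"jsonrpc":"2.0","method":"login",'
    '"params":{"login":"WALLET_PLACEHOLDER","pass":"x","agent":"m/1"}}',
    '10.0.2.5 192.0.2.80:8080 {"id":7,"method":"login","params":["alice","pw"]}',
    '10.0.2.6 192.0.2.81:80 GET /index.html HTTP/1.1',
]

def is_stratum(payload: str) -> bool:
    """True if the payload looks like a mining-pool JSON-RPC request."""
    try:
        msg = json.loads(payload)
    except ValueError:
        return False  # not JSON at all (e.g. plain HTTP)
    if not isinstance(msg, dict) or not isinstance(msg.get("method"), str):
        return False
    if msg["method"] in STRATUM_METHODS:
        return True
    # Monero-style pools use a generic "login" method; require the
    # object-shaped params so ordinary JSON-RPC logins are not flagged.
    params = msg.get("params")
    return (msg["method"] == "login" and isinstance(params, dict)
            and {"login", "pass"} <= params.keys())

def find_miners(lines):
    """Map each internal source host to the pool endpoints it contacted."""
    hits = defaultdict(set)
    for line in lines:
        src, dst, payload = line.split(" ", 2)
        if is_stratum(payload):
            hits[src].add(dst)
    return dict(hits)

if __name__ == "__main__":
    for host, pools in sorted(find_miners(SAMPLE).items()):
        print(host, "->", ", ".join(sorted(pools)))
```

Pool traffic wrapped in TLS will not match a payload rule like this one, so pair it with destination reputation and sustained-CPU alerts on servers.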
For blockchain developers:
- Audit smart contracts before deployment using third-party firms.
- Implement rate-limiting and reentrancy guards in token contracts.
- Use formal verification tools where possible.
The blockchain revolution brings immense opportunity—but also unprecedented risk. As demonstrated throughout 2018’s first half, attackers are constantly evolving their tactics to exploit weaknesses in technology, infrastructure, and human behavior. By understanding these threats and adopting proactive defenses, both individuals and organizations can navigate the digital asset landscape safely and confidently.