eBusiness Weekly
Jeffrey Gogo
Investors know that there is a latent degree of risk with every investment. But nowhere else could such risk arguably be more concentrated than in the cryptocurrency markets.
That’s in part because digital currencies are an innovation and largely because cryptocurrencies are highly volatile. Prices can change several times in a day – with big changes, not small ones and falling as quickly as they rise and vice versa.
Also, emerging technologies tend to face teething security problems, as developers work to fine-tune their systems.
Even banks, custodians of fiat money, struggled frequently with issues of stolen and lost funds in their early days.
It is an existential risk that all financial intermediaries like banks and cryptocurrency exchanges will have to improve on continuously.
But with the price of cryptocurrencies led by Bitcoin soaring in the past year, hackers seem to have found a new home in digital currencies.
The combined loss of $700 million crpto cash equivalent in separate raids at Coincheck and BitGrail this year alone has shaken the digital currency world down to its core.
At Japanese exchange Coincheck, investors have started to sue after hackers made off with $530 million worth of the token NEM (XEM) late in January.
Earlier this week, thieves stole $170 million of Nano, formely called Raiblocks, at Italian exchange BitGrail.
Again in January, Bitconnect, long thought a pyramid scheme, shut down citing “bad press” and malicious attacks on its platform.
The closure costs investors dearly after Bitconnect’s token known as the BCC crashed spectacularly within hours of the exchange shutting down, plummeting to $20 from $200.
Bitconnect said it would refund people that kept money on its exchange.
Here, fears of a $200 000 heist at Golix.com turned out to be just that – fears – as it emerged the Harare trading platform had suffered a 14-hour technical failure that was successfully fixed.
It is little surprise that in an industry fraught with hacks and issues of stolen funds, retail investors are almost always in a state of perpetual fear, and edginess with exchanges all the more desperate to calm nerves in the event of what in another world would be a temporary ordinary fault.
We asked Golix spokesperson Nhlalewehle Ngwenya, how safe were investor funds on Golix?
Ngwenya declined to comment citing security reasons.
Worldwide, questions are now being asked on the safety of investing in cryptocurrencies, and whether exchanges were doing enough to keep investors’ funds secure.
This has become particularly concerning given that hackers are now also targeting individuals, governments and companies for attacks in a bid to mine Bitcoin for free, howbeit clandestinely.
Mining is the process that creates new digital coins by solving complex mathematical problems using supercomputers.
But the process consumes a lot of electricity.
In the UK, attackers this week found about 4,000 government computers too juicy to resist. They hacked into the machines and started mining using the UK’s government power unbeknown to the authorities.
These sort of attacks are becoming common, and though it appears hackers steal nothing material like files or money, it may mean a slowdown in the way that the computer operates.
Zim companies hacked
Just how safe are Zimbabwean companies, its citizens, particularly to the mining type of hacks? We try to answer some of these concerns below through an excerpt of an interview we had with cryptocurrency expert Soul Kabweza (SK) of online magazine Techzim.co.zw. Business Weekly is represented BW.
BW: How vulnerable is Zimbabwe to cyber attacks that lead to hackers using someone else’s computer to mine cryptocurrencies?
SK: Zimbabwe is as vulnerable as all any other country. The Internet doesn’t care about borders. As long as you are connected to the internet you are connected to the global network. Anyone or companies that connect to the Internet can be hacked and used to mine cryptoccurrencies. In the past hackers avoided attacking most countries in Africa because most did not use credit cards. Now the value is not the money in your credit card, the value is on your computer. Users in Zimbabwe are as much a target as anyone else. This is why it’s important for companies to protect their operating systems, keep their files intact, close any holes and ensure no one is getting access to their machines in order to use them for cryptocurrency mining. Individuals are more at risk because they don’t have an IT department that helps them stay secure.
BW: How do hackers do this, take control of someone’s machine?
SK: The issue of hacking is not new. It has not come with cryptocurrencies. It has been happening since the first computer was created. Usually they infect your computer the same way a virus attacks your machine.
They lure you to do something. You might be on a shady website like pornography or trying to download an illegal copy of Windows or something like that. They attract you to click on a button and by clicking on that button you are installing this mining software on your PC. From there onwards, as long as you are connected to the internet, you start mining crypto for these guys.
The people that are most at risk are those using kret software. With kret software usually you download your FIFA 2017 or Windows and the hackers will embed their miner into that game or operating system. As soon as you download that file and start using it, as long as you are connected to the internet it starts mining.
BW: Have such attacks occurred in Zimbabwe?
SK: Yes. This has been going on for a while. I would say maybe for six months to a year, especially people that use Windows. Those are most at risk because they are pushed to use all kinds of kret software and are also not protected that much if they are not doing Windows updates.
Now you will find that in Zimbabwe if you are doing Windows updates you are charged a lot of money for that so people shy away from such updates. Unfortunately, by doing that they are making themselves targets. In fact the evidence that we have is that last year a number of companies were hacked and the hackers asked that they be paid in cryptocurrency for them to release their files back to them.
This is not part of Wanna Cry. Isolated they were but companies were hacked. They came to us and asked that we help. If people are going to hack you and ask to be paid in crypto you better trust that they can also hack and not ask you anything but use you to mine crypto. Companies are at huge risk because they have many computers that connect at once and are easier to hack.
One person does something funny, downloads something bad. Hackers can easily infect the rest of the network by infecting one computer. And also companies have good ZESA (a reliable power supply) and they do not exactly watch their Zesa bill, they have good internet. Companies don’t watch these things closely as do individuals at home. It means people need to be more vigilant, more aware of the risks of being used as a miner.”
