This is crypto theft, and all the victims we speak to want only one thing: to warn people. Two of them are talking to us in this article, together they have lost more than 40,000 euros due to theft.
One of the victims we speak to wants to speak to us by name: Cees Oddens. Cees had different types of cryptocurrencies, including Bitcoin, in a so-called crypto wallet of a well-known company: Blockchain.com.
A crypto wallet is a digital wallet. Although it does not contain bitcoins, it does contain all kinds of codes, called keys, that give you access to crypto coins. Cees had parked bitcoins in this wallet since 2012.
Cees was able to cash out once. “That was just before the first bubble burst in 2017, when I was able to sell something.” He cashed in a large portion of his cryptos, but left a small portion to continue growing.
The shock was great when he logged into his account in April. “I saw that my balance was suddenly a lot lower. So I immediately looked at my transaction history, and there I saw that all my bitcoins were sent to an address I did not know.”
Before he knew it, all his cryptocoins were gone. At that time, his bitcoins had a value of almost 22,000 euros.
Months later, Cees still doesn’t know what exactly happened. Contacting the Blockchain.com helpdesk also yields nothing. They also cannot return his coins. The helpdesk thinks he has been hacked, he himself is not sure.
Another victim tells us a similar story. David, not his real name, is sure: his computer has become infected with malware, software that criminals used to gain access to his computer.
At its peak, the crypto coins in his possession were worth more than 24,000 euros. Then the criminals struck, and he lost all his money at once.
David acknowledges in the conversation with RTL Nieuws that he himself was responsible for installing the malware, but is also angry with Binance at the same time. “My account was protected by a unique password from a password manager, and I had two-step verification on. So you also expect to receive a notification on your phone if you want to change your password, which you have to approve.”
Since his PC was infected by hackers, this could be circumvented. “Normally you can’t trade for 24 to 48 hours after changing this kind of data. But because the hackers changed my login details from an address known to Binance, this restriction apparently didn’t apply.”
David received push notifications in the Binance app on his phone that transactions were taking place. “There were reports that my cryptos were being transferred to wallets I was not aware of at all,” says David. He wants to warn people: “That you can also be taken by hackers with two-step verification.”
Inquiries with the police tell us that crypto thefts are reported more often, but there are no exact figures. This type of crypto theft is not registered as a separate fact with the police, and the term ‘crypto’ does not appear in, for example, reports from companies that are extorted via ransomware. This makes the targeted search for declarations difficult.
Reports are increasing
The police do see that reports and reports of this type of crypto theft are increasing. A spokesperson emphasizes: “That also has to do with the fact that more and more people are stepping into this.”
The Fraud Helpdesk also sees an increase, but says that the number of reports is too low to draw firm conclusions. Reports that come in are about six to seven thousand euros per person on average.
Cees and David have both contacted the companies where their crypto coins were located, and filed a report with the police. So far this has been unsuccessful.
It leaves a bad aftertaste in the men. Cees would like to warn people about the dangers. “So the lesson is that having a lot of money in crypto is quite dangerous.”
If it is already too late and your cryptos have been stolen, the Fraud Helpdesk always recommends reporting it, changing your passwords and checking the website www.haveibeenpwned.com to see what has become public where.
How do you keep cryptocurrencies safe?
There is no one way to ensure that you can never become a victim of crypto theft. But there are tips that can make it less easy for potential criminals.
- Provide strong, unique passwords to access your crypto wallets
- Always use two-step verification
- Do good research into the party where you purchase your crypto services. Make sure you know how to approach them if something goes wrong
- If you have a lot of money in one wallet, it can be wise to spread this more. For example, across multiple wallets at multiple crypto companies, or a hardware wallet such as Ledger. These are physical devices with which you can store the keys of your bitcoins offline.
- Another somewhat extreme tip, but good to think about if you have a lot of money in bitcoins: use a separate computer, which you only use for your crypto trade. This requires an investment, and also some discipline. But if you have a computer that you’re not browsing, downloading, playing games on, or social media on, it greatly reduces your chances of getting malware on this computer.
‘We regret this incident’
In response to our inquiries, a Binance spokesperson said: “We deeply regret this incident and sympathize with our user. Strict security measures are in place to protect our systems, but due to the degraded security on this user’s device and other used services, malicious parties were able to access his account in a way that our systems could not directly detect.” Furthermore, the company says it always supports the police investigations in this area where possible.
Blockchain.com says it will not comment on individual cases. The company writes, “We cannot comment on individual customer cases, but we can confirm that there has been no data breach in Blockchain.com’s systems.”