Cryptocurrencies are basically the same as e-money \u2014 like WebMoney or PayPal. That means they also have the same problems as classic e-payment systems.<\/p>\n
However, the operating principles specific to cryptocurrencies sometimes make the problems more likely to occur, and thus more disturbing. In addition, the same principles are responsible for a certain number of risks unique to cryptocurrencies.<\/p>\n
We\u2019ll start with common problems such as plain old theft. Let\u2019s say you\u2019re transferring money to a friend. You copy his wallet address accurately, but malware replaces the address in the clipboard with another one<\/a>. Not every user is vigilant and double checks an address after copying it. Especially if the address is a long jumble of characters.<\/p>\n Or take phishing, for another example. As with ordinary e-money, users can be tricked into going to a phishing website where they upload their cryptowallets and enter a password.<\/p>\n Of course, users of a traditional bank or payment system can also run into trouble with cyberthieves. However, with a traditional system there is always a fairly good chance of canceling the transfer. In the case of cryptocurrencies, you might as well try to complain to the United Nations. What happens in blockchain stays in blockchain.<\/p>\n On top of that, even using a genuine payment gateway with the correct address can result in a loss of money. In June 2017, the most popular Web wallet for the Ethereum Classic cryptocurrency, with the original address https:\/\/classicetherwallet.com\/<\/a>, suddenly started stealing money<\/a> from users\u2019 wallets.<\/p>\n Turned out, hackers had used social-engineering methods to convince the hosting provider that they were the real domain owners. After gaining access, they started intercepting cash flows.<\/p>\n Luckily, the strategy those hackers used wasn\u2019t the best \u2014 they replaced the payees immediately, thus quickly blowing their cover and managing to steal only $300,000 in several hours. If they had collected the wallets and waited a while, they would have remained undetected for a lot longer, and the damage probably would have been far worse.<\/p>\n In all fairness, classic financial services can also fall prey to that kind of attack. For example, in Brazil this year, hackers hijacked a whole bank<\/a>.<\/p>\n The preceding cases were typical electronic-money issues, but as we\u2019ve already said, cryptocurrencies add their own wrinkles. For example, there is a risk that\u2019s very specific to cryptocurrencies \u2014 loss of money due to an error in the address to which the money transfer is made.<\/p>\n In the case of Ethereum, if the last digit of the address wasn\u2019t copied, the money would disappear into thin air. Or it would go where it was supposed to, but the amount you intended to transfer would be it multiplied by 256<\/a>.<\/p>\n That error is not relevant to Bitcoin; its system has built-in address validation. However, in Bitcoin, you might send money to a mystery recipient \u2014 how does losing 800 bitcoins<\/a> strike you? (that\u2019s about $3.2 million at the exchange rate on September 28, 2017). Or you could unwittingly pay a fee of 80 bitcoins<\/a> (about $320,000). To be fair, that kind of mistake is unlikely with a popular Bitcoin client; in those cases it\u2019s likely people were using something homemade.<\/p>\n There\u2019s one more problem that is typical of cryptocurrencies: loss or theft of a wallet. Most users store their cryptocurrency wallet files on their computers. Therefore, they can be stolen using malware<\/a> or lost if the hard disk crashes.<\/p>\n So most advanced users make hard copies of their secret key and purchase USB hardware wallets. But the number of such users is small.<\/p>\n The situation with \u201ccentralized\u201d e-money is far better at present. It\u2019s the rare Internet bank that doesn\u2019t require two-factor authentication and confirmation of transactions using SMS with one-time-use passwords. And in the case of corporations or large amounts, the use of a USB token is mandatory.<\/p>\n In 2017, investing in projects associated with a blockchain or cryptocurrencies became very popular among cryptocurrency holders. This type of fundraising is called an ICO \u2014 Initial Coin Offering.<\/p>\nHacking a payment gateway<\/h3>\n
User address error<\/h3>\n
Loss of a wallet file<\/h3>\n
Insecure ICOs<\/h3>\n