10 blockchain and bitcoin horror stories

Fibo Quantum

Twelve years since Bitcoin started it all, the future of cryptocurrency, blockchain and other related technologies appears to be shining bright. DeFi keeps surging to dizzying new highs; investor appetite for blockchain has never been greater. But with Halloween on our doorsteps, now might be a good time to recall some crypto horrors from not that long ago. 

Gather ’round now for these 10 real-life Tales From the Crypt. The crypto world’s shine is now almost blinding — or is that a glint from a hacker’s upraised knife? 

1. The powers above say “BOO!”

Imagine slaving away to build up a blockchain company or sinking your life savings into a cryptocurrency like bitcoin, only to wake up to the news that your country has banned crypto trading.

Now, the axe will not likely fall on you unannounced. India’s ambivalence and back-and-forth on regulating crypto, for example, has been much-discussed and publicized. Even China has issued warnings before issuing crackdowns. Still, with the trust and comfort level of some governments toward cryptocurrency in flux, it might be wise to be wary and prepare to dive for cover if needed. Here’s hoping the 5 million holders of cryptocurrency in India — where it is rumored that another crypto ban is being considered — are doing just that before any new anti-crypto thunderbolts are thrown down from above.

2. Vanishing bitcoin fortunes 

It’s a recurring nightmare of anyone with a digital wallet. We all forget passwords. That’s what Google Autofill is for, and why many of us — against the best advice from security experts — use the same passwords across different sites. Many of us have also lost real-world wallets with cash inside to pickpockets or carelessness. But forgetting or losing the key to your digital wallet? Now, there’s a frightening thought.

Most people don’t usually carry around tens or even hundreds of thousands of dollars in our physical wallets — but a bitcoin wallet might.  From Elon Musk misplacing his only bitcoin to your casual everyday Redditor being out US$40,000 to Peter Schiff claiming that “[his] wallet no longer recognizes [his] correct password,” to Wired Magazine losing the key to US$100,000 in bitcoin, all too many digital currency owners — including the most savvy ones — have seen their crypto money, through accident, bad luck or stupidity, disappear forevermore. 

The size of this cryptocurrency graveyard? Every day, about 1,500 bitcoin – or US$20.6 million at the time of writing – is lost, according to Cane Island Digital Research analyst Timothy Peterson, based on his firm’s research

 3. What’s in the grave, stays in the grave

“You can’t take it with you!” so we used to say, a cri de coeur to enjoy life and its material pleasures while you can, as money and earthly possessions can’t be taken into the afterlife.

But in this increasingly digitized world, cryptocurrencies sometimes do follow their owners into the grave. 

Such was the case of crypto millionaire Matthew Mellon, who tragically passed away in 2018 on his way to a substance abuse rehab facility in Mexico. The 54-year-old banking heir had invested US$2 million in XRP, citing its compatibility with the traditional banking system as an advantage over other cryptocurrency that seemed more “anti-America” to him. This investment grew in value to be worth around US$1 billion at the time of his death. 

Mellon had told friends that his cryptocurrency fortune was stashed away in a number of secret accounts known only to him, and that the keys were hidden in cold storage all across the country. When he died, his family and heirs found themselves without access to either accounts or keys.  

Mellon’s cryptocurrency fortune has not been located to this day. It lies in the cyber equivalent of an unmarked grave and may be lost to Mellon’s heirs forever. 

4. Ghoul out and vote!

The democratic process has ample room for error. Some have posited that the issues in voting provide an opportunity for reform by blockchain, but this ostensible solution is not without risks. Voatz, Overstock’s blockchain subsidiary Medici Ventures-backed mobile voting app, runs on Hyperledger and utilizes biometric technology to verify voters’ identities before processing their votes. To date, it has been used in more than 67 elections from local school boards through federal level. 

But Voatz has had numerous security concerns pointed out that have given people the shivers, including but not limited to its vulnerability to hacking, vote manipulation, and the exposure of confidential personal information. 

In 2018, an FBI investigation was launched into an attempt by University of Michigan cybersecurity students to hack into the app during the 2018 midterm election. While unsuccessful, the attempt highlighted the potential for data breaches as highlighted by multiple audits. One shudders to think what more experienced hackers could achieve by exploiting these vulnerabilities — anything from siphoning voters’ personal data to deciding the course of an election would be within the realm of possibility.

5. Mass blockchain die-offs

The blockchain startup world is littered with corpses. Of those born, the vast majority do not survive for long.

In 2018, He Baohong, director of China Academy of Information and Communications Technology, asserted that only about 8% of the blockchain projects ever launched survived past startup stage. The other 92% “die quickly,” with an average company lifespan of 1.22 years, according to He’s speech at the China International Big Data Industry Expo. 

The mass die-offs of blockchain startups still hold true today.

“Very few crypto companies [are] financially sustainable and profitable,” Anton Mozgovoy, co-founder and CEO of decentralized finance (DeFi) service provider Holyheld, told Forkast.News. “Most of those companies are crypto exchanges.”

Even the most seemingly promising blockchain startups have died young. One such blockchain startup was Dala, a South African company conceived in April 2018 to bring financial services to the emerging African market. 

Dala raised US$1 million in an ICO and accrued over 150,000 users, based mostly in Uganda, within four months of launch. However, Dala’s reference model, which rewarded users for recommending others to its services, “attracted scammers.” Furthermore, Dala found its local partners in banking systems and internet providers lacking, and “had to build even more infrastructure than [they] anticipated at the start” due to their failures. 

Faced with insurmountable infrastructure and funding problems, Dala finally gave up the ghost in June of 2019, its lifespan amounting to almost exactly He’s grisly statistic of 1.22 years.

6. IC… Ghosts!

With 81% of initial coin offerings in 2018 being classified as “scams” by a study done by Satis Group, it’s little wonder that there’s an abundance of macabre ICO stories. 

The largest exit scam to date involved Vietnamese company Modern Tech, which launched two ICOs: one for a Pincoin token, and another for iFan, supposedly a social network token for celebrities. 

These were later revealed to be multilevel-marketing schemes, but by that time Modern Tech had already bled 32,000 people a collective US$658 million. The perpetrators vanished like vampires into the night. 

Since then, seven people have been blamed for Modern Tech’s scheme, but there has not been any news of arrest or victim reimbursement thus far. 

7. Bloody hacks and body snatchers

Some of the ICO failures — 11% overall, according to the aforementioned study — caused investor grief without any criminal intention from company founders. 

Enigma is a security and cryptography system that ironically suffered a devastating security breach in 2017 ahead of its ICO. Hackers took over the company’s website, email, and Slack channels to send out information about a fake early ICO, tricking investors into depositing their ETH into a fake Enigma address. US$500,000 of ETH was stolen before the Enigma team could regain control. 

Enigma took responsibility for its poor security by reimbursing investors, at no small expense of their own. Enigma has since also been charged by the U.S. Securities and Exchange Commission for neglecting to register its 2017 ICO of tokens worth US$47 million as securities, for which it must return funds to investors, register its tokens, periodically report to the SEC, and pay a US$500,000 penalty. 

8. Zombie Ponzi schemes

Dedicated readers of the crypto horror genre know that, perhaps because of its bewitching promises, the crypto industry has on occasion been the breeding ground for spectacular crimes, including an international pyramid scheme that the Times calls “one of the biggest scams in history.” 

OneCoin was a company that sold cryptocurrency mining opportunities. Its creators netted about US$4 billion before the company was unmasked as nothing more than a Ponzi scheme, according to prosecutors. Investigations carried out across the U.K., the U.S., Italy, Canada and the Ukraine unearthed victims around the world. Mumbai saw a US$3 million raid, while 20 of China’s 34 provinces got gored before authorities recovered US$267.5 million

The scheme that people around the world fell for involved selling plagiarized “educational packages” including “mining tokens” that would yield OneCoins — which turned out to be a worthless, unexchangeable asset that was not even on a blockchain. 

The exchange shuttered in early 2017, but OneCoin’s websites — like zombies that would not be killed — only went down in December of 2019, despite the company having been identified as a risk as early as September 2015 by Bulgaria’s Financial Supervision Commission

While certain key figures in the OneCoin scandal have been arrested (including one of the two co-founders and a family member of the other), the ostensible mastermind (and other co-founder) Ruja Ignatova remains at large, living in the shadows of a false identity in Frankfurt, according to a BBC investigation. Aside from being the origin of countless individual investors’ torment and suffering, OneCoin — perhaps more than any other blockchain company — also put a Texas chainsaw to the reputation of the cryptocurrency industry.  

One silver lining to OneCoin’s devastation: the world will now get a Kate Winslet movie based on this true story.

9. The knives are out for cryptocurrency exchanges

With KuCoin’s recent hack for a sum as high as US$280 million still fresh on our minds, it’s worth considering the exchanges that keep getting hacked and the continuing danger in the absence of universally consistent regulation. The record number of 12 major breaches of crypto exchanges’ security in 2019 amounted to a total of US$292,665,886

While cyber attacks may not be the end of the world — KuCoin has recovered US$204 million of its loss thus far — they show how vulnerable crypto exchanges are to hacking. 

Though hackers are generally after money, customer data has also been stolen. The 2019 attack on CoinMama leaked 450,000 users’ information — maybe even yours…. — to the dankest corners of the dark web.

10. To DAO, to sleep — no more 

To close out tonight’s scary stories, here is one that predates all the others on this list — that of a decentralized autonomous organization (DAO) named “The DAO,” whose 2016 hack continues to haunt the smart contract environment to this day. 

The DAO raised over US$150 million in ETH (14% of all ETH at the time) from more than 11,000 people — the largest crowdfund of its time. But the team behind The DAO realized its code contained flaws. On June 12th, co-creator Stephan Tual acknowledged that The DAO, like other Ethereum smart contracts, had a “recursive call vulnerability” that the team was addressing. 

Less than a week later, a hacker swooped in, exploited this loophole and drained US$70 million worth of ETH from The DAO

Fortunately, the stolen funds were funnelled into an account with a holding period, so the hacker was eventually thwarted, and Ethereum hard-forked to reroute the money back to its original owners (birthing, in the process, Ethereum Classic — which has also fallen prey to repeated attacks). However, the SEC decreed that The DAO’s tokens were securities — the first time the agency had done so, in a move that continues to chill the industry to this day. The DAO itself collapsed a couple months later. 

Though The Dao was one of the first cases of serious hacking in the crypto space, time has only changed the nature of blockchain vulnerabilities and the evils that can befall crypto companies, not lessened them. 

Mozgovoy warns: “Security concerns are only going to grow as the complexity of smart contracts increases.”

With that spooky thought in mind…. Happy Halloween to one and all, from all of us at Forkast.News.

Good night and sweet dreams.