SEC nearly doubles cryptocurrency cop roles in special cyber unit
Policing digital assets sounds more Mission Impossible than NCIS
The US Securities and Exchange Commission intends to fill an additional 20 positions in a special unit that polices cryptocurrency fraud and other cybercrimes.
This brings the newly renamed Crypto Assets and Cyber Unit's total to 50 roles as the SEC hopes to crack down on miscreants trying to profit from growing interest in digital assets and marketplaces.
"As more investors access the crypto markets, it is increasingly important to dedicate more resources to protecting them," SEC Chair Gary Gensler said in a canned statement. "By nearly doubling the size of this key unit, the SEC will be better equipped to police wrongdoing in the crypto markets while continuing to identify disclosure and controls issues with respect to cybersecurity."
The SEC formed the division, formerly known as the Cyber Unit, in 2017. Its 80 crypto-coin-related enforcement actions since then have resulted in about $2 billion in monetary relief for investors, according to the agency.
The expanded crypto-crimes unit will investigate securities law violations related to digital asset offerings and exchanges, lending and staking products, decentralized finance (DeFi) platforms, non-fungible tokens (NFTs), and stablecoins.
The positions to be filled will include supervisors, investigators, trial lawyers, and fraud analysts in the SEC's Washington, DC headquarters and regional offices, we're told.
- Beanstalk loses $182m in huge flash-loan crypto heist
- Thief milks CREAM Finance for $18m+ in cryptocurrency after spotting security bug
- $600m in cryptocurrencies swiped from Poly Network
- SEC proposes four-day rule for public companies to report cyberattacks
The crypto-cop boost comes as cybercriminals prey on these online platforms and exchanges, highlighting the growing security concerns around cryptocurrency technologies.
In April, Beanstalk Farms, a DeFi platform, lost all of its $180 million collateral over a weekend in a massive flash-loan heist.
Flash-loan attacks are just one way for crooks to illegally profit from blockchain technologies. These loans are awarded and paid back in a single blockchain transaction – it can take just seconds to get the money and return it.
"Unlike a regular loan, you don't need any collateral, or to even go through the identification process," Check Point security researchers explained. "Hackers like to use the flash loan, since they don't even have to risk their own capital, and the wallets don't get traced back to them, since they are using someone else's funds."
Also in April, criminals exploited a now-fixed design flaw in the Rarible marketplace to steal an NFT from Taiwanese singer and actor Jay Chou. The miscreants then sold it for about $500,000.
That same month crooks stole NFTs said to be worth about $3 million after breaking into the Bored Ape Yacht Club's Instagram account and posting a link to a copycat website that sought to harvest marks' assets.
In March, following Bored Ape Yacht Club's ApeCoin cryptocurrency debut, crooks stole about $1.5 million after claiming a large number of tokens using NFTs that they did not initially own and pulling off fraudulent flash loans. ®
- Advanced persistent threat
- Black Hat
- Bug Bounty
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Remote Access Trojan
- RSA Conference
- Trusted Platform Module
- Zero trust