• The FBI has warned that North Korean hacker groups, including Lazarus, are targeting cryptocurrency ETFs, potentially compromising billions in assets.
  • Coinbase, custodian for most U.S. crypto ETFs, holds a $320 million insurance policy, covering only 0.12% of its $269 billion in digital assets.

The FBI has raised alarms about North Korean hackers targeting cryptocurrency exchange-traded funds (ETFs), particularly the underlying Bitcoin (BTC) and Ether (ETH) held by custodians. Groups like Lazarus are reportedly eyeing these assets, creating significant risks for investors and custodians alike.

With over $15 billion flowing into spot Bitcoin ETFs since July 2024, Jameson Lopp, co-founder of Casa, warned,

“If a Bitcoin or Ether ETF were hacked, the ETF itself could quickly trade to zero,” potentially leading to a widespread market sell-off. He further explained, “Plenty of investors from non-hacked ETFs would liquidate their positions as users would finally understand the risk of catastrophic loss involved.”

Coinbase, the leading custodian for U.S. crypto ETFs, has implemented a multi-layered security system. Taylor Monahan, lead researcher at MetaMask, described Coinbase’s approach as “get hacked, but don’t get rekt,” highlighting their focus on preventing catastrophic losses. However, concerns about insurance coverage remain.

While Coinbase’s $320 million insurance policy seems substantial, it only covers 0.12% of the $269 billion in digital assets held. Andrew Rossow, a digital media attorney, noted, “$320 million is collectively shared among all Coinbase customers,” leaving ETF assets exposed in the event of a major hack.

The centralization of the U.S. crypto ETF market is another risk factor. Steven Walbroehl, co-founder of Halbron, stressed that relying on a single custodian like Coinbase could pose a systemic threat if it were compromised. While diversification of custodians could spread the risk, it also introduces challenges like transfer complexity and access issues. As crypto ETFs grow, addressing these security vulnerabilities is crucial.

Edited by Harshajit Sarmah

ALSO READ:

FBI Warns of North Korean Hackers Aggressively Targeting Web3 Employees to Steal Crypto
The FBI recommends firms avoid storing wallet info on internet-connected devices and implement secure systems for verifying company individuals.
NewzchainArathy Augusthy