More than 10 percent of funds raised through “initial coin offerings” are lost or stolen in hacker attacks, Reuters reports, citing new research by Ernst & Young.
The professional services firm analyzed more than 372 ICOs, in which new digital currencies are distributed to buyers, and found that roughly US$400 million of the total US$3.7 billion funds raised to date had been stolen, according to research published on Monday.
Phishing was the most widely used hacking technique for ICOs, with hackers stealing up to US$1.5 million in ICO proceeds per month, EY said.
The research also noted that the volume of ICOs has been slowing since late 2017. Less than 25 percent of ICOs reached their target in November, compared with 90 percent in June.
The study comes amid a cryptocurrency investing craze, with young companies raising hundreds of millions of dollars online to fund their projects, with often little more than a handful of employees and a business plan outlined in a “white paper”.
The challenges faced by more recent ICOs in reaching their targets are partly attributable to the lower quality of projects, as well as issues that have emerged around earlier projects, said Paul Brody, EY’s global innovation leader for blockchain technology.
“The volume just exploded, people raised their fundraising goals and the quality just dropped,” Brody said in an interview.
“We were shocked by the quality of some of the white papers, we see clear coding errors and we see conflicts of interest between the companies issuing tokens and the community of token holders.”
In ICOs companies typically raise money to build new technology platforms or to fund businesses that use cryptocurrencies, also called tokens, and blockchain, the software that underpins them. Yet for many of these projects the need for blockchain and cryptocurrencies is often unjustified, according to EY.
It also noted valuations of ICO tokens are often driven by “fear of missing out”, or “FOMO”, and have no connection to market fundamentals such as project development. EY said “FOMO” has led investors to pour money into ICOs at record speeds, with the 10 shortest lasting ICOs attracting US$300,000 per second on average.
The study also found several instances in which the underlying software code of a project contained hidden investment terms that had not been disclosed, or contradicted previous disclosures.
For example, a white paper might state that there will be no further issuance of a cryptocurrency, while the code might leave that option open.
SEC probing blockchain dabblers
Meanwhile, the US Securities and Exchange Commission (SEC) is scrutinizing public companies that change their name or business model in a bid to capitalize on the hype surrounding blockchain technology, SEC Chairman Jay Clayton said on Monday.
Dozens of little-known companies across the globe have seen their share prices leap in recent months after unveiling plans to enter the bitcoin industry or that of its underlying distributed ledger blockchain technology.
In December, the SEC temporarily suspended trading in the shares of Crypto Company, a small firm that saw its stock rise more than 2,700 percent after signing a deal to buy a cryptocurrency data platform.
Clayton warned that it was not acceptable for companies without a meaningful track record in the sector to dabble in blockchain technology, change their name and immediately offer investors securities without providing adequate disclosures around the risks involved.
“The SEC is looking closely at the disclosures of public companies that shift their business models to capitalize on the perceived promise of distributed ledger technology and whether the disclosures comply with the securities laws, particularly in the case of an offering,” he told a conference on Monday.
The chairman also said the SEC had seen “disturbing” evidence that legal professionals have been wrongly counseling clients that initial coin offerings, whereby cryptocurrency start-ups solicit funds from investors who receive tokens in return, do not need to comply with federal securities law.
The SEC has previously said that such fundraisings should comply with securities law and has warned investors more broadly over the risks of cryptocurrency fraudsters.
“I have instructed the SEC staff to be on high alert for approaches to ICOs that may be contrary to the spirit of our securities laws and the professional obligations of the US securities bar,” Clayton said.
– Contact us at [email protected]