Cybercriminals have stolen up to $400m from cryptocurrency startups over the past two years by exploiting hype and basic coding errors, according to a new research by the Ernst &Young, one of the world's "big four" professional services firms.
The paper says: "Ten percent of ICO funds are lost as a result of attacks. Hackers are attracted by the rush, absence of a centralized authority, blockchain transaction irreversibility and information chaos.
“Project founders focus on attracting investors and security is often not prioritized. Hackers successfully take advantage – the more hyped and large-scale the ICO, the more attractive it is for attacks,” the study said.
The research, which studied 372 ICOs around the world, also found that the offerings raised US$3.7b in funds.
The US is leading the race with the highest volume of ICOs originating from the country (over US$1b). Russia and China follow, with each over US$300m. Honk Kong, Israel, Germany, Canada, UK, Switzerland and Estonia also made it to the top 10.
"As ICOs continue to gain popularity and leading players emerge there is a risk of having the market swamped with quantity over quality," said EY blockchain expert Paul Brody.
"These high-risk investments and the complexity of ICOs need to be managed to ensure their credibility as a means of raising capital for companies, entrepreneurs and investors alike," he said.
Data collected was based on public data sources across exchanges, ICO reports and trackers, data aggregators, news sites, blockchain network scanners/platforms, dedicated blockchain social media and interviews.