League of Legends Pro, NYS Attorney General Highlight Cryptocurrency Risks

Credit: 360b/ShutterstockCredit: 360b/ShutterstockThe Office of the New York State Attorney General (OAG) released a report on the integrity of cryptocurrency exchanges on September 18. However, a professional League of Legends player, Team Liquid's Yiliang "Doublelift" Peng, had already offered the perfect example of the dangers of relying on these exchanges a few days prior. How? By having roughly $200,000 stolen by someone who gained access to his Coinbase account--and therefore his bank account--after compromising the T-Mobile phone number he used for two-factor authentication.

Doublelift recounted the story on September 14 but said it actually happened several weeks ago. According to the gamer, his phone had been acting strange before the attack, but after contacting T-Mobile, he thought it was just the result of a weird glitch. Now, he believes someone was conducting a port-out scam to gain access to his phone number. Once that happened, the attacker could bypass the two-factor authentication to access his Coinbase account. From there, the hacker emptied Doublelift's virtual wallet--and his actual one, too, because his bank account was connected to Coinbase.

Doublelift expects his finances to be restored after his bank determines that it was fraud and that he didn't, in fact, overdraft on Coinbase transactions. But apparently Coinbase has no intention of reimbursing him for the stolen cryptocurrency (he didn't say how much of the $200,000 was in cryptocurrency and how much was in USD).

"Coinbase says, 'You're sh** out of luck, dude. You can't get any of it back ... it's irreversible," Doublelift said.

We've reached out to Coinbase to learn more about its policies regarding theft and will update this piece if it responds.

STORY TIME - How someone stole $200,000 from me | Doublelift Kai'Sa Penta

Interestingly, this is exactly what the OAG warned about in its report.

"Customers of virtual asset trading platforms face significant risks. In recent years, hackers have infiltrated trading platforms and stolen billions of dollars' worth of virtual currency, leaving customers with little or no recourse. Delays and outages on trading platforms are common, leaving customers unable to withdraw funds and susceptible to significant losses given volatile prices. Public reports have also linked certain trading platforms to deceptive and predatory practices, market manipulation and insider abuses ...," the report says.

"Protections for customer funds are often limited or illusory. Generally accepted methods for auditing virtual assets do not exist, and trading platforms lack a consistent and transparent approach to independently auditing the virtual currency purportedly in their possession; several do not claim to do any independent auditing of their virtual currency holdings at all. That makes it difficult or impossible to confirm whether platforms are responsibly holding their customers' virtual assets as claimed. Customers are highly exposed in the event of a hack or unauthorized withdrawal."

The report was published as a result of the OAG's Virtual Markets Integrity Initiative, which was announced in April and based on information provided voluntarily by nine cryptocurrency exchanges, including Coinbase. Much of the report confirms what many who have followed cryptocurrency for any length of time already knew: that it's hard to judge an exchange based on the limited information available to their customers, that there are few protections against market manipulation and that security has to be taken on faith.

Those warnings are likely to fall on deaf ears when they reach cryptocurrency enthusiasts. The potential upside of getting in early on the next Bitcoin or Ethereum--which basically ruined the graphics card market for several months until prices finally started to drop--is too high. The OAG's hope is to convince people who only became interested in cryptocurrency after Ethereum's rise was so well-publicized, the creation of new cryptocurrencies became commonplace and exchanges started hawking their services to anyone looking to dabble with the new money.

Create a new thread in the News comments forum about this subject
8 comments
Comment from the forums
    Your comment
  • TJ Hooker
    The hack mentioned sounds like a result of SMS 2FA that was compromised. Don't use SMS 2FA if you have an alternative option! (e.g. authenticator app)
  • Christopher1
    There is a simple solution to this: Laws that mandate that these cryptocurrency exchanges have to have ways to return fraudulently taken monies to people.
    A few cryptocurrency exchange CEO's going to jail even just overnight will send the message "Hey, this is not the wild frontier anymore, you have to have some consumer protection methods!"
  • WINTERLORD
    so my next motherboard will have one of these for realtime raytracing kinda makes me wonder now what amd will offer in the future