With the surge and fall of Bitcoin prices over the past year, some investors have looked to a red-hot fundraising tool known as initial coin offerings (ICOs) for a potential windfall.
But it’s a precarious path to tread for high returns. According to a Monday report from consultancy firm Ernst and Young, roughly 10% of funds raised through ICOs between 2015 and 2017 have been lost or stolen via hacks. In dollar terms, that about $400 million worth of funds stolen from $3.7 billion raised in the more than 372 such offerings from around the world.
“Hackers are attracted by the rush, absence of a centralized authority, blockchain transaction irreversibility, and information chaos,” the paper stated. “Project founders focus on attracting investors and security is often not prioritized. Hackers successfully take advantage— the more hyped and large-scale the ICO, the more attractive it is for attacks.”
Ernst and Young compiled the data using exchange reports, ICO trackers, news sites, interviews, and blockchain network scanners.
ICOs, which allow companies to sell services in exchange for digital tokens, have worried regulators for a while now, with Securities and Exchange Commission Chairman Jay Clayton warning investors in December that the space has “substantially less investor protection than in our securities market.”
Entrepreneurs have seen ICOs as an easy way to fundraise, especially for ideas that may be passed over by venture capitalists. But that’s also led to ICOs of firms with little more than a white paper.
Scammers are also a concern for investors. The SEC recently cracked down on an ICO dubbed PlexCoin that raised about $15 million by promising 13-fold profits in less than a month, dubbing it a scam. Vitalik Buterin, the cofounder of Ethereum, meanwhile warned investors against an ICO claiming a connection with him.