How do Crypto Exchange Hacks affect Crypto Markets?
The digital assets space’s growing popularity has attracted many malicious actors targeting the weaknesses of the space’s surrounding infrastructure. To shed more light on the consequences of cryptocurrency exchange hacks on the broader crypto markets, this study employs a time series regression approach to investigate three research questions related to market prices, trading volumes, and the price of the Uniswap governance token (UNI).
Written by Paolo Di Stefano — July 9th 2023
Abstract
This research article examines the effects of recent cryptocurrency exchange hacks on the broader crypto markets. The study employs a time series regression approach to investigate three research questions related to market prices, trading volumes, and the price of the Uniswap governance token (UNI). Surprisingly, the empirical analysis does not reveal any significant reactions to the hacking incidents across the twelve models examined. The lack of significant results suggests that, in the short term, crypto markets are broadly unaffected by crypto exchange hacks. However, the study acknowledges potential limitations in data collection and the study design, including varying time lags for the incidents to become public and the temporary suspension of exchange services after hacking incidents restricting immediate market reactions. Future research could address these limitations and explore sentiment analysis on social networks as an additional angle to study the impact of hacking incidents on investor confidence.
1. Introduction
One of the core visions of the digital assets space is to provide a decentralized and trustless alternative to the current financial system that heavily relies on powerful centralized institutions. Its growing popularity has however also attracted many malicious actors targeting the weaknesses of the surrounding infrastructure which is still taking shape. The most prominent example is the infamous hack of the at the time largest cryptocurrency exchange Mt. Gox almost a decade ago.
In early 2014, Mt. Gox suffered a security breach that resulted in the loss of up to 850’000 Bitcoins, worth billions of dollars. The impact of this hack was far-reaching, causing panic and significant price volatility in the overall crypto markets. Investor confidence was severely shaken, leading to a decline in Bitcoin’s value and a loss of trust in crypto exchanges (Frankenfield, 2023).
In the meantime, the digital assets landscape has become much more professional and secure. Regulatory frameworks and best practices have been established to enhance security measures and protect users’ funds (PwC, 2022). Additionally, advancements in blockchain technology have led to the development of decentralized exchanges such as Uniswap, which enable crypto trading directly on top of a blockchain network, removing the reliance on a trusted third-party entity (Adams et al., 2020).
Despite the industry’s efforts to improve security, crypto exchange hacks have not yet ceased to occur. Many of the more recently hacked exchanges have made efforts to reimburse affected users, attempting to restore trust (Hope, 2022). However, the news of such hacks expectedly still causes panic among many market participants, as the potential for financial losses and compromised security remains a concern.
Therefore, this research paper aims to analyze the effects of more recent crypto exchange hacks on the broader crypto markets. To be more concrete, a comprehensive list of all crypto exchange hacks and their respective sizes that occurred over the last 32 months is scraped from Hedgewithcrypto.com (Groves, 2023). This data then serves to answer the following three research questions:
RQ1: Have recent crypto exchange hacks led to short-term changes in overall market prices?
RQ2: Have recent crypto exchange hacks led to short-term changes in total trading volumes?
RQ3: Have recent crypto exchange hacks led to short-term abnormal returns for the decentralized exchange governance token Uniswap (UNI)?
A time series regression approach using daily data with zero-to-three-day time lags is applied to all three research questions. Contrary to initial expectations, none of the models indicate any significant reactions to the hacking incidents, suggesting that crypto markets are broadly unaffected by crypto exchange hacks in the short term. To go into more detail and to elucidate why these findings might be misleading, the remaining body of this paper is split into a description of the data collection and methodological approach, a short discussion of the empirical results, and a conclusion addressing potential shortcomings of the models’ validity.
2. Data collection & Methodology
For data collection and data handling, as well as for statistical modeling, the software RStudio is used. A basic web scraping code is applied to retrieve the data on crypto exchange hacks from Hedgewithcrypto.com, which claims to provide “a complete list of cryptocurrency exchanges and platforms that have been hacked or suffered major security breaches” since 2012 (Groves, 2023).
To be able to quantify and compare the severity of each incident, occurrences for which the stolen amount is unknown, and occurrences for which only user data but no funds were stolen are removed. Since the focus lies on recent crypto exchange hacks, only data points after 18.09.2020 are considered. Hence, the final data frame contains a total of seven hacks ranging from four million USD to 600 million USD stolen with a median of 97 million USD stolen.
The necessary data on crypto markets, namely overall market prices (RQ1), trading volumes (RQ2), as well as UNI returns (RQ3), are collected using the crypto2 R package. The package allows access to all available data via the Web API of coinmarketcap.com (CMC) without the need for an API key. This includes data on all coins that were historically listed on CMC as well as aggregated market data, with daily intervals.
For RQ1, the aggregated crypto market capitalization in USD retrieved via the package’s crypto_global_quotes() function is used to express overall market prices. Using the aggregated market capitalization data automatically leads to an appropriate weighting of each cryptocurrency as different nominal prices and total supply per cryptocurrency, as well as varying inflation rates are naturally taken into account. The same function also gives access to aggregated daily trading volumes in USD that can be used for RQ2.
For RQ3, the function crypto_history() is used to retrieve the historical data for Uniswap (UNI) and gives access to its historic daily market capitalization. Using its daily market capitalization to express price movements is again ideal as potential inflationary or deflationary developments can be disregarded. The data on crypto exchange hacks is then matched with the overall crypto market capitalization, trading volume, and UNI market capitalization over the relevant period to retrieve a merged data frame containing all the necessary underlying data.
The empirical approach for addressing the three research questions involves conducting multiple time series regression models to examine potential significant findings. Each research question is explored through a series of four models, with the initial model excluding time lags and subsequent models incorporating time lags up to three days. This aligns with the objective of capturing short term effects. For RQ3, the crypto market’s total market capitalization is included as a control variable to account for the overall market conditions as the goal is to specifically look for abnormal returns.
The expectation that crypto exchange hacks, like the Mt. Gox incident in 2014, would continue to negatively impact investor confidence in digital assets suggests a predicted decrease in total market capitalization for RQ1. The same reasoning applied to RQ2 would imply that crypto exchange hacks are expected to cause panic among market participants and therefore, trading activity is predicted to increase in the days following a hacking incident.
For RQ3, the focus lies on examining the effects of the hacking incidents on the governance token UNI, which belongs to the largest decentralized exchange Uniswap. Governance tokens are the crypto space’s equivalent of voting shares as they grant holders a stake in the decentralized protocol with the right to participate in the decision-making processes and voting mechanisms.
Given Uniswap’s value proposition as a decentralized and trustless exchange that does not rely on centralized entities (Adams et al., 2020), it is expected that exchange hacks would lead to an increase in the price of UNI. This arises from the notion that investors may perceive Uniswap as a more secure and reliable alternative for crypto trading compared to centralized exchanges in the aftermath of hacking incidents.
3. Analysis
The model summaries in RStudio reveal that none of the twelve models employed yield significant results for the research questions at hand. Despite the initial expectation that crypto exchange hacks may have a short-term impact on all three variables of interest, the empirical analysis does not support this hypothesis. Solely the control variable in RQ3 is (highly) significant, confirming the initial assumption that UNI token prices are strongly influenced by overall market movements.
4. Conclusion
The lack of significant results suggests that, at least in the short term, crypto markets’ overall prices, trading activity, and UNI token returns are unaffected by crypto exchange hacks. These findings’ validity might however be limited for multiple reasons.
The first potential shortcoming of the study’s design is that between the occurrence of a hacking incident and this information becoming public, there might be a vastly varying time lag for each incident. A hacking incident where malicious third parties get access to users’ login credentials such as in the case of Crypto.com (Hope, 2022) might only lead to a delayed market reaction.
The hackers might intentionally spread the withdrawal of users’ funds over a longer period to avoid triggering security alerts. Although some of the affected users might notice relatively soon, informing the crypto exchange employees and them investigating why the funds are missing might again take some time. After that, the crypto exchange might first want to assess how many users are affected and ensure security is granted again before publicly confirming such an incident.
A Forbes article on the Crypto.com hack suggests that this might very well be an accurate conjecture as the reported date of the hacking incident both in the article and the data set lies three days before the news of Crypto.com admitting to the hack (Brewster, 2022). However, before Crypto.com’s confirmation, affected users or insiders had potentially already started spreading rumors through social networks and internet forums.
Hence, the exact manner and timeline of how the relevant information spread among market participants both before and after having the certainty of an official confirmation might be very different for each incident. This would mean that the original incident date reported in the data set might not be decisive, and for each incident, additional analysis would be necessary to find out when most market participants would have presumably found out about the incident.
The Forbes article by Brewster (2022) additionally hints at a second potential shortcoming of the study design by elaborating that Crypto.com suspended some of its services after identifying the incident until security was fully restored. Since the most concerned market participants would presumably be those who use the targeted platform, many of them might not be able to access their funds right away due to such suspensions and cannot react immediately. This adds an additional layer of potential time delay for the market to appropriately react to the news of a hacking incident.
Lastly, the prestige of the hacked crypto exchanges and the information on whether they were able to reimburse users for their losses would expectedly also play an important role and was disregarded for the study.
Considering all these limitations in conjunction leads to the conclusion that the study design was most certainly too simplistic, and a more thorough analysis of each incident would have had to be undertaken to achieve more meaningful insights. Crypto markets are complex and highly dynamic, which increases the level of difficulty to model them appropriately. Therefore, future research could try to take the discussed shortcomings into account and investigate the same research questions one more time, which may very well lead to different results.
Conducting a sentiment analysis on relevant social networks might be an interesting addition as users whose funds got stolen or cannot access their funds because of temporary service suspensions might not be able to react to such news in a manner that is reflected in the markets. These users might either seek help, warn others, or simply spread despair on social networks before being able to take concrete action.
References
Adams, H., Zinsmeister, N., & Robinson, D. (2020, March). UNISWAP v2 core.
Brewster, T. (2022, January 20). Crypto.com Admits $35 Million Hack. Forbes.
Groves, K. (2023). List of crypto exchange hacks: Updated for 2023. HedgewithCrypto.com.
PricewaterhouseCoopers (PwC). (2020, December 19). PWC Global Crypto Regulation Report 2023.
