Bank Robbery for a New Century

(Fortune China; Chinese translation by Tian Yi.)
Sean Everett wasn’t sure how his bullish bet on cryptocurrency would turn out. But he definitely didn’t expect it to be over so soon. In March, he sold all his stocks, including Apple and Amazon, and used a chunk of the proceeds to buy Bitcoin and Ethereum on a site called Coinbase. The decision made Everett, the CEO of artificial intelligence startup Prome, almost instantly richer, as the blockchain-based currencies’ value rocketed up exponentially over the next several weeks. But then, while he was out walking the dog after 10 p.m. on Wednesday, May 17, Everett got the call. It was T-Mobile, ringing him to confirm that it was switching his phone number to a different device. It was a suspicious move that Everett had most certainly not requested. But even as he pleaded with the agent to block the switch, it was too late. Less than five minutes later, Everett’s cell service abruptly shut off, and as he rushed to his computer, he saw himself being robbed in real time. A raft of email notifications confirmed that someone had taken control of his main Gmail account, then broken into his Coinbase “wallet.” They’d gotten in with the help of his switched-over phone number: Everett’s account required him to log in with a two-factor authentication code sent by text message, as a second safeguard—and now the text had gone straight to the thief. It took only two minutes for the attacker to clean Everett out of what was then a few thousand dollars’ worth of digital coins. From Everett’s perspective, the even more painful heist was what came next: Ethereum’s price quadrupled over the next three weeks. It had reached its all-time high of $400 just hours before I met Everett in a New York coffee shop on a humid June afternoon. Bitcoin, meanwhile, had broken $3,000 for the first time a day earlier, and Everett was pining for his missing digital coins. “I’m not only still out my money, I also didn’t get the rise in price,” he lamented. 
Then again, the biggest surprise for Everett—and, it would turn out, for many other Bitcoin enthusiasts—was that the theft happened on Coinbase at all. San Francisco’s Coinbase, the world’s largest exchange for trading cryptocurrency, is one of very few such companies whose own coffers have never been hacked, a distinction that carries extra weight in the realm of blockchain, where several costly breaches have made global headlines. Almost any early investor you talk to lost money in Mt. Gox, an exchange that collapsed in 2014 after hackers pillaged nearly $500 million in Bitcoin. Last summer, thieves grabbed $72 million from Hong Kong cryptoexchange Bitfinex in one fell swoop. But hackers have never breached Coinbase’s own virtual fortress, and that impenetrability has earned it a reputation as the safest place to buy Bitcoin, helping it attract more than 9 million customers who store at least $3 billion in crypto-currency there, and who have traded $25 billion to date on its retail brokerage as well as its institutional exchange, GDAX. The five-year-old Coinbase just raised $100 million in new funding, valuing the company at $1.6 billion—making it the blockchain industry’s first “unicorn.” “If you look at what they are world-class at, it’s security, trust, safety … all these things that, frankly, banks are good at,” Fred Wilson, the venture capitalist and one of Coinbase’s earliest and largest backers, said at a conference in March. “They’re like JPMorgan or Goldman Sachs for blockchain.” But Coinbase’s individual customers do get burglarized—with surprising and unsettling frequency. Even Wilson himself was in for a rude awakening: While vacationing in Europe in early June, the VC woke up to the same telltale emails that Everett saw, signaling that an intruder was trying to get inside his Coinbase account.
Wilson managed to lock it down before anything was stolen, but in a rare public chastising of a company in his own portfolio, he wrote in a blog post: “I am still a bit shaken up from the experience and a fair bit more paranoid from it.” Since then, Fortune has spoken with more than a dozen victims, including tech CEOs and well-known blockchain proponents, whose Coinbase accounts have been targeted and hacked in almost exactly the same fashion; still more have been attacked on other exchanges. The day after Everett’s robbery, Los Angeles entrepreneur Adam Dachis’s account was wiped out of what was then $10,000. On July 7, thieves emptied $18,000 from the Coinbase wallet of blockchain adviser Mike Costache, during the four hours he slept one night while traveling overseas. Since Christmas, there have been months when Coinbase users have been robbed as often as 30 times—a rate of one robbery every single day. In each case, the same blindsiding realization arrives, bringing the inherent paradox of blockchain into focus. The quintessential strength that sets cryptocurrency apart from traditional money—that transactions are instant and irreversible—is also its fatal flaw. “One of [Bitcoin’s] reasons for existence is that it’s censorship-resistant,” says Tom Robinson, cofounder and chief data officer of Elliptic, a London-based blockchain intelligence firm. That means no one, not even a government or central bank, can stop a digital currency transaction from happening. And therefore the fraud protections traditional bank depositors rely on are mostly unavailable. “Any kind of charge-back and reversibility would be the antithesis of what Bitcoin was created to achieve,” says Robinson. That’s one reason that, when criminals want to pull a heist, they’re increasingly choosing cryptocurrency over real dollars. In 2016, $28 million in losses from crimes involving virtual currency were reported to the FBI’s Internet Crime Complaint Center, more than triple the 2015 total. 
And that figure is based heavily on voluntary reports by individual victims. It doesn’t include large-scale thefts from exchanges like the Bitfinex hack, so it likely underestimates the true damages by many orders of magnitude. Cybercrime is rising at traditional financial institutions too: For example, thefts through so-called account takeovers, a crime analogous to the Coinbase hacks, rose 61% last year to $2.3 billion, according to Javelin Strategy & Research. But hacking losses are a blip relative to the trillions of dollars kept in banks. Hackers are stealing a much larger proportion of the crypto-currency pie, whose total market value is only about $135 billion. In the past 12 months, for example, criminals have absconded with 1% of Ethereum’s total market value, or $225 million, according to cybersecurity firm Chainalysis; the Bitcoin toll is estimated to be even higher. Brick and mortar bank robbers have “two problems: stealing the money and hiding the evidence,” explains Moran Cerf, a professor of business and neuroscience at Northwestern’s Kellogg School of Management and a former corporate hacker. “Bitcoin solves the second one for you because everyone there is anonymous.” Bitcoin diehards seem resigned to the reality of irreversible transactions—and its drawbacks. “I think of that as a feature and not a bug,” says Chris Burniske, a blockchain investor and author of forthcoming book Cryptoassets—even though his own accounts were looted in December for digital coins that would now be worth over $100,000. But when victims watch their money up and leave into the digital wallet of a nameless stranger, it becomes more than just a problem for Coinbase: It’s a threat to the promise of Bitcoin itself. As the value of cryptocurrency soars, more investors are grappling not just with how to profit from it, but how to hold on to it at all. 
“Coinbase looks like a bank, talks like a bank, and takes millions of dollars in cash like a bank, but, in practice, it functions like a dimly lit underground casino,” says Cody Brown, whose account was hacked for $8,000 in the span of just 15 minutes in May. “You don’t realize that the balanced fonts, smooth blue gradients, and endless copy about trust mean absolutely nothing—until you are robbed blind.” Coinbase, for its part, won’t discuss specific cases except to say that it investigates all account takeovers. But Brian Armstrong, Coinbase’s 34-year-old CEO and founder, says Brown’s and Wilson’s experiences were “helpful” in teaching the company how to improve. Its security measures already match or exceed those at banks—from using machine learning to detect dubious activity, to mandating dual-factor authentication. Yet Armstrong recognizes that Coinbase is also a juicier target: “We need to be held to a higher standard,” he tells Fortune, “because digital currency is so new and interesting and powerful that it is attractive to a lot of people out there to try to steal it.” If Bitcoin were a religion, its equivalent of “What would Jesus do?” would be “BYOB: Be your own bank,” an unofficial slogan widely embraced in the industry. The original blockchain was launched in 2009, by the mysterious founder (or founders) going by the name Satoshi Nakamoto, as a utopian form of electronic cash that could change hands, as Nakamoto wrote in a legendary white paper, “without going through a financial institution.” But that ideal also attracted a subversive element, repelling many potential adopters. 
That’s where Armstrong saw an opportunity to bring polish to an industry run by “hackers and crypto-anarchists” at the time, he says: “If this was going to go mainstream, it needed something that had a more trusted brand around it.” An early engineer at Airbnb, Armstrong quit in 2012 to create the “Gmail for digital currency.” His strategy: making it easier and safer to store, and then buy and sell, cryptocurrency. While early Bitcoin wallet companies made people keep track of their own private keys—the secret 64-character passwords that alone provide access to one’s cryptocurrency—Coinbase’s pioneering innovation was its offer to store keys on customers’ behalf. That also came with risk, as customers wouldn’t need to know their actual key, but rather just a password, to get to their Bitcoins—and neither would a hacker. “That’s a big responsibility to take on,” the fresh-faced CEO admits. “But I also think it’s necessary to help the industry scale and make digital currency accessible to the next 100 million or billion people.” Coinbase has demonstrated a unique ability to bring the new asset class to the masses. Its base of customers, most of whom are in the U.S., has grown 50% just in the past five months, with as many as 50,000 signing up in one day; trade volume in July alone was twice as much as all last year. Coinbase, which makes money by charging transaction fees, is said to be nearing profitability, and Armstrong ranks No. 10 on this year’s Fortune 40 Under 40 list. But he is pretty clear about his company’s limits. “The average person may at a high level think of us as a digital currency bank, but we’re not a bank,” he says. Coinbase doesn’t lend money, as banks do. And critically: Coinbase, which is regulated as a money transmitter like PayPal or Western Union, isn’t covered by the FDIC or bound by all the consumer protection laws that govern banks. 
Armstrong has long taken 100% of his salary in Bitcoin; he now cashes out enough into dollars each month to cover his rent. Many of his employees do the same. They understand the security issues better than just about anyone, yet protecting customers is proving to be a gnarly challenge: Technically, because hackers are breaching accounts from the consumer end, exploiting weaknesses at companies like Verizon and Sprint, the hacks aren’t directly Coinbase’s fault. “Within the realm of reason, it’s very difficult for us to prevent their account from being drained,” says one executive. Still, Coinbase can’t afford to ignore the problem—literally. Even though it is not a bank, Coinbase still bears the cost of banking-system protocols, when traditional financial institutions yank back fraudulent payments induced by hackers. For example, when Dachis was robbed, a Coinbase customer support rep complained right back to him by email that “Coinbase has suffered a $1,657.41 USD loss due to bank reversals” of transactions subsequently reported as fraud. “Coinbase is left holding the bag,” Soups Ranjan, the company’s head of data science, said at a recent industry event. Problems like this—along with unauthorized credit card purchases of cryptocurrency—cost Coinbase a stunning 10% of all revenue it collects, a fraud-loss rate 20 times as high as PayPal’s. “I firmly believe,” Ranjan added, “we have the hardest payment fraud and user security problem in the world right now.” To combat that, Coinbase has been using analytics to predict which customers have the highest risk of fraud and charge-backs, and preemptively limiting their purchasing power or locking their accounts. But that method comes with a downside of its own in the form of frustrated customers—and a backlog of help-desk requests that has stretched into the tens of thousands. 
With about 180 employees, the company hasn’t been able to hire fast enough to keep up with demand and is now looking to fill another 100 positions. Coinbase doesn’t even have a phone number for customer support, though it plans to add one in September. At the same time, Coinbase finds itself slamming headfirst into the expectations that come with being the closest thing cryptocurrency has to Goldman Sachs. The IRS has gone to court seeking Coinbase user records, after only 802 U.S. taxpayers reported Bitcoin profits on their tax returns in 2015. In June, Coinbase had its first “flash crash,” with Ethereum’s price collapsing to 10¢ for a brief, panicky stretch; the company said that all trades “were executed properly” but eventually agreed, as a courtesy, to reimburse traders who had lost money owing to margin calls. And in early August, when a “hard fork” of the Bitcoin blockchain created another currency called Bitcoin Cash, Coinbase initially said it wouldn’t support it. Hours later, a denial-of-service cyberattack—which some perceived as retaliation—knocked the exchange completely offline, and customers began threatening to sue. Coinbase gave in: Account holders will be able to withdraw their Bitcoin Cash by 2018. “We’re in a period of hypergrowth, and it’s superexciting and a little chaotic,” Armstrong says. For many blockchain enthusiasts, the Coinbase hacks have been a reminder of the danger of letting anyone else store your cryptocurrency. “If you don’t own the private keys, you don’t own the coin,” says Jonathan Smith, the chief technology officer of Civic, a company that uses blockchain tech for identity verification. Then again, Bitcoin has a dirty little secret: For an asset that epitomizes the future, managing your coin yourself can feel like a journey into the troglodytic past. Smart-money investors who store their own keys often resort to the most rudimentary of tactics to protect them. 
They’re the Bitcoin equivalent of stuffing cash under the mattress: a private key printed out on a sheet of paper, cut into pieces, and distributed among family members who don’t know how to put it back together; an encrypted file loaded on a USB stick and buried in the backyard; a password committed only to memory. These jury-rigged methods come with their own pitfalls, and stories of self-inflicted losses are legion: The New York man who reformatted a hard drive and erased the key to $25,000 in Bitcoin. Dominic Fogarty, a hedge fund research analyst who left his phone, storing his cryptocurrency, in a taxi after a bachelor party—then schlepped all over the Adirondacks to retrieve it. (“Yes, we missed our train, but more importantly I didn’t lose my Bitcoins!” he tells Fortune.)

The ultimate irony is that the gold standard in security, storing private keys in what’s known as “cold storage,” without connection to the Internet, often means putting them in the very places blockchain advocates hoped to avoid: banks. One cryptocurrency hedge fund manager once went to check on his safe-deposit box at Wells Fargo, which stored the key to $5 million, only to find the drawer empty. (A few weeks later, the correct box was found one slot below where it was supposed to be.) Even Coinbase itself relies on banks for some of its cold storage, where 98% of customer funds are kept. “It does seem a little old-fashioned, I suppose,” Armstrong acknowledges. And yet, it may also be the future, as more mainstream investors want in on cryptocurrency but without the worries of BYOB.

For some crypto devotees, this is nothing less than heresy. Says Michael Krieger, a former Lehman Brothers analyst who abandoned Wall Street for cryptocurrency after becoming disillusioned by the financial crisis, “I wouldn’t trust my crypto private keys to a safety-deposit box at a bank. That’s just me.” But already, the walls between finance’s old guard and blockchain’s renegades are beginning to crumble, and a day may come where the systems meld together almost seamlessly. “It’s almost ironic and funny that some of the rules and procedures we want to get rid of are almost exactly the rules we want in place to [protect] a major client,” says Hu Liang, a former State Street exec who left in August to start a cryptocurrency trading platform for institutional investors. Even as they dream of supplanting the conventions that have defined banking for centuries, blockchain disciples are realizing that you can never quite escape them.

Jonathan Levin is still catching his breath from a six-mile bike commute as he welcomes me into his office, on the second floor of a Manhattan coworking space, early one August morning. Wearing a gray cotton T-shirt that reads “Bitcoin, est. 2009,” the 27-year-old British expat exclaims cheekily, “So this is what fighting cybercrime looks like!”

Levin is the cofounder of Chainalysis, a startup that tracks virtual currency movement and investigates illicit use. Chainalysis’s software assisted law enforcement with the takedowns and criminal indictments of both “dark net” marketplace AlphaBay and notorious digital currency exchange BTC-e during the span of a week in July, according to people familiar with the investigations. Previously, the company was able to locate where the stolen money from Mt. Gox and Bitfinex ended up: Bitcoin keeps an immutable record of all transactions—a literal money trail—so anyone can see the addresses of the digital wallets where funds are sent. Chainalysis’s artificial intelligence “clustering” techniques mapped the funds to particular exchanges. But progress seems to have hit a dead end when it comes to determining who controls those wallets. “How many people have been caught for stealing money from major Bitcoin exchanges?” Levin asks rhetorically.
“The answer is zero.” That’s not entirely true, says Kathryn Haun, a former federal prosecutor who led the crackdown on virtual-currency crime and joined Coinbase’s board in May. While no one yet has gone to jail for hacking into an exchange or electronically pilfering cryptocurrency, she says, the AlphaBay and BTC-e probes are the first of a wave of cases that have yet to be completed or unsealed. Because wallet addresses are pseudonymous, it can take years for investigators to link them to a person—gathering data gleaned from exchanges like Coinbase and more obscure corners of the Internet. “I liken it to more traditional crimes, like bank robberies,” Haun says. “If he’s wearing a disguise and has a wig and gloves, it makes it that much harder to capture the criminal. But that doesn’t mean it’s impossible.” Individual thefts may be too small on their own to merit a federal case, but as more victims report crimes to the FBI and other government agencies, there’s more cause for hope. Chainalysis, for its part, opened a special investigations unit in July to take on personal cases after fielding pleas for help from hack victims. And experts believe the criminals who commit the robberies belong to sophisticated organizations with the technology and manpower to trawl social networks for mentions of cryptocurrency accounts—the kinds of resources that let them, say, call Verizon 28 times in 24 hours until they succeed in porting a phone number, as they did in the case of Adam Pokornicky, managing partner at hedge fund Cryptochain Capital. Efforts that ambitious inevitably leave traces, and from such clues a pattern can emerge. “Phone porting cases and schemes like it have captured the attention of law enforcement, so I would say, stay tuned,” Haun says. That said, even if the blockchain world’s combined forces succeed in capturing cybercriminals, there’s no guarantee that victims will get their money back.
Some of the legal precedent for charging cryptocurrency hackers is still untested, and there are questions as to whether intangible assets can even be seized. For one, accessing the booty would require knowing the private key: “They could get the criminal, but the government can’t force them to say where the gold is,” says Jeffrey Berns, whose California law firm specializes in digital currency. In a system that prizes decentralization above all else, the creature comforts of banking may never exist. Adds Berns, “There is no consumer protection, and I’m not sure it can be built in.” Deep inside a mountain in Switzerland, down a 200-meter cave, a World War II military bunker now stores what is believed to be the largest repository of Bitcoins on the planet. In the wake of the Mt. Gox hack in 2014, Wences Casares, an Argentinean tech entrepreneur, thought there was one solution to storing digital coins: Go underground. His company Xapo now operates heavily guarded vaults, on five continents, some as far as a kilometer down into the earth. Each contains so-called air-gapped servers on which the encrypted private keys are stored. To ensure hackers cannot rob its clients, who range from $5 account holders in emerging markets to the world’s largest hedge funds and institutions, agents of Palo Alto–based Xapo personally witness the manufacturing of the servers before they even come off the assembly line and escort them to the hermetic vaults, guaranteeing they never touch the Internet. “It’s somewhat ridiculous,” says Casares, who also sits on the board of PayPal, “the extent to which we have to go to make sure that the keys are protected.” But even that safeguard has its limits. When customers move funds into a “hot wallet” on Xapo for transaction purposes (itself a 48-hour process), the money could be vulnerable to the same hacks that Coinbase accounts are. In other words, your cryptowealth is as safe as can be—until you want to actually use it.
Anatomy of a Cryptoheist

Coinbase account holders lose up to $5 million annually to theft by hacking, according to a person close to the company. Here’s how the hacks happen, and why the culprits are so hard to catch.

The Stakeout: A scammer scouts a target by searching for people who work in the blockchain industry—or by combing social media for mentions of Bitcoin and Coinbase. The attacker finds the target’s email address and phone number through online postings or previous data leaks.

The Switcheroo: The scammer contacts the victim’s mobile provider and “ports” the phone number to a device under the scammer’s control.

The Disguise: Because Gmail accounts often link phone numbers as a backup access method, the scammer can now log in and reset the target’s email password, then do the same at Coinbase.

“I’m In!”: Coinbase requires two-factor authentication (“2FA”) in addition to a password. That 2FA now gets texted to the thief, who logs in.

The Getaway: The scammer moves the money into digital “wallets” under his control. Law enforcement can easily track the movements of the stolen currency recorded on the blockchain, but they can’t block transactions, and figuring out who controls the wallets is difficult.

The Laundering: To try to cover his trail, the scammer can move the currency to foreign “cryptoexchanges,” or convert it to other kinds of digital currency that are harder to track. Eventually, he can convert it to cash or other assets.

Building a Better Vault

For better security:
- Put a “do not port” order on your phone number.
- Don’t use text-message 2FA; instead, use an app like Google Authenticator.
- Use a unique password, one you don’t use for other accounts or social media.
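The chain above, as a defender would model it: an added example (not Coinbase’s code and not from the article) that replays a constructed account-event log and holds a withdrawal for review when a password reset, a login whose second factor arrived over SMS, and a never-seen destination address cluster inside assumed time windows. The event schema, the 30-minute and 24-hour windows and the user names are all assumptions made for the illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, List, Set


@dataclass
class Event:
    ts: datetime
    user: str
    kind: str          # "password_reset", "login" or "withdrawal"
    channel: str = ""  # how a reset/login was authenticated: "sms", "totp", "email"
    dest: str = ""     # withdrawal destination address (withdrawals only)


@dataclass
class Decision:
    action: str                                   # "allow" or "hold"
    reasons: List[str] = field(default_factory=list)


# Assumed thresholds for the illustration; not Coinbase's real policy.
RESET_WINDOW = timedelta(hours=24)    # cooling-off period after a credential change
SMS_WINDOW = timedelta(minutes=30)    # reset and SMS-authenticated login this close together


def evaluate_withdrawal(history: List[Event], w: Event,
                        known_dests: Dict[str, Set[str]]) -> Decision:
    """Decide whether a withdrawal should be held for manual review.

    Rule 1 mirrors the sidebar's chain: a password reset followed by a login
    whose second factor came over SMS, the channel a ported number hands to
    the attacker. Rule 2 flags a withdrawal to an address the account has
    never paid, shortly after any credential change.
    """
    prior = [e for e in history if e.user == w.user and e.ts < w.ts]
    recent_resets = [e for e in prior
                     if e.kind == "password_reset" and w.ts - e.ts <= RESET_WINDOW]
    sms_logins = [e for e in prior
                  if e.kind == "login" and e.channel == "sms" and w.ts - e.ts <= SMS_WINDOW]
    new_dest = w.dest not in known_dests.get(w.user, set())

    reasons = []
    if recent_resets and sms_logins:
        reasons.append("password reset and SMS-authenticated login within "
                       f"{int(SMS_WINDOW.total_seconds() // 60)} minutes of the withdrawal")
    if recent_resets and new_dest:
        reasons.append("withdrawal to a never-seen address within "
                       f"{int(RESET_WINDOW.total_seconds() // 3600)} hours of a password reset")
    return Decision("hold" if reasons else "allow", reasons)


def run_sample() -> Dict[str, Decision]:
    """Replay a constructed event log for three accounts and return each decision."""
    t = datetime(2017, 5, 17, 22, 0)   # constructed timestamps, modelled on the Everett case
    log = [
        # alice: the sidebar's chain compressed into a few minutes (constructed)
        Event(t + timedelta(minutes=3), "alice", "password_reset", channel="sms"),
        Event(t + timedelta(minutes=4), "alice", "login", channel="sms"),
        Event(t + timedelta(minutes=5), "alice", "withdrawal", dest="1AttackerWalletXYZ"),
        # bob: ordinary session, authenticator app, paying an address he has used before
        Event(t + timedelta(minutes=10), "bob", "login", channel="totp"),
        Event(t + timedelta(minutes=12), "bob", "withdrawal", dest="1BobsColdStorage"),
        # carol: changed her password days ago, authenticator app, known address
        Event(t - timedelta(days=3), "carol", "password_reset", channel="email"),
        Event(t + timedelta(minutes=20), "carol", "login", channel="totp"),
        Event(t + timedelta(minutes=21), "carol", "withdrawal", dest="1CarolHardwareWallet"),
    ]
    known = {"bob": {"1BobsColdStorage"}, "carol": {"1CarolHardwareWallet"}}
    return {e.user: evaluate_withdrawal(log, e, known)
            for e in log if e.kind == "withdrawal"}


if __name__ == "__main__":
    for user, d in run_sample().items():
        print(user, d.action, "; ".join(d.reasons))
```

The second rule deliberately accepts some friction (a legitimate user who changes a password and then pays a new address is held too), which is the trade-off the article describes between preemptive locks and frustrated customers.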