New research shows more than 10 percent of funds raised through initial coin offerings (ICOs) have been lost or stolen by hackers, raising questions about the credibility of the cryptocurrency-based fundraising efforts.

Reuters reported research firm Ernst and Young analyzed more than 372 ICOs and discovered nearly $400 million of the $3.7 billion raised through the fundraising process was unaccounted for and believed to have been stolen.

The leading cause of money stolen from ICOs were phishing scams, which would target companies raising money through the process in order to compromise accounts and drain cash from the company. Hackers were able to steal up to $1.5 million in ICO proceeds per month through phishing campaigns.

ICOs became a popular fundraising tool in 2017 with the sudden and rapid raise of value in cryptocurrencies like Bitcoin. When launching an ICO, companies aim to attract investors to back a project by releasing their digital coins or tokens in exchange for cash. The theory is if the business is successful, the coins with increase in value and the investor can cash in on the cryptocurrency.

According to Ernst and Young’s research, ICOs proved extremely popular early in 2017 while many investors were just getting into the cryptocurrency craze. By the end of the year, excitement in the fundraising efforts slowed. Just 25 percent of ICOs reached their target for fundraising in November compared to 90 percent in June.

ICO list Different types of ICOs across industry sectors. Photo: icolist/Pexels

That drop was likely driven by skepticism surrounding ICOs, which often came under fire for being fraudulent. Some ICOs came from companies with just a few employees that offered little detail about their actual product other than a vague business plan. Despite this, a number of previously unknown and largely unvetted companies were able to raise millions from invested.

According to researchers, much of the investment in ICOs were driven not from belief in the company’s product or prospects but rather a fear of missing out. Investors want to get in on the ground floor and see the recent growth of cryptocurencies as something they can capitalize on and profit from.

However, Ernst and Young discovered that many ICOs did not live up to the promises made to investors. “We were shocked by the quality of some of the white papers, we see clear coding errors and we see conflicts of interest between the companies issuing tokens and the community of token holders,” Paul Brody, global innovation leader for blockchain technology at Ernst & Young, told Reuters .

In several cases, the researchers also found software code in a project that contained hidden investment terms not disclosed to those putting up money for the ICO. In one instance, a white paper stated there will be no additional cryptocurrency issued after the ICO while the code for the project enabled the company to continue issuing tokens well after the fundraising has completed.