Cybercriminals stole about $100 million from DeFi protocols
Phishing sites have become the most popular way to steal cryptocurrency
10 rules that will protect you from crypto scammers
Experts from cybersecurity company Hacken have described the 5 most popular ways to steal cryptocurrency in 2020
In 2020, cybercriminals mainly attacked decentralized finance (DeFi) protocols, which points to the immaturity of this new, fast-growing segment. However, the amount of cryptocurrency stolen from centralized platforms is still significantly higher. For example, $275 million worth of coins were stolen in the KuCoin hack. The amount of money stolen from DeFi projects accounts for approximately 21% of the volume of hacks and thefts in the cryptocurrency industry in 2020, according to the latest research by the cybersecurity company Hacken.
In addition, hackers attack not only crypto platforms but also users themselves. Every day, stories are published on the Internet about how attackers stole a user’s cryptocurrency by gaining access to their cryptocurrency wallet or cryptocurrency exchange account. Some users have no idea how high the risk of their account being hacked is.
In this article, we will look at the five main ways hackers used to steal cryptocurrency in 2020.
Fake phishing sites
Phishing is a social engineering tool. It is often used to steal user data, including mnemonic phrases, private keys, and credentials for logging into accounts on cryptocurrency platforms.
Typically, attackers send out fraudulent emails asking the user to go to a fake website and enter their sensitive information there. Users are also often lured to a malicious site where following the link from the email ends with the installation of malware.
The simplest example of a successful phishing attack was the case of MyEtherWallet in 2017. Cybercriminals sent out an email to potential users of MyEtherWallet and announced that they needed to sync their wallet in order to comply with the Ethereum hard fork requirements. After clicking on the link, the user was taken to a phishing site that looked like the real one but contained an additional, subtle character in the URL. Inattentive users entered their secret phrases, private keys and wallet passwords, thereby handing this data to the attackers, and then lost their cryptocurrency.
The most recent example is a successful attack on Ledger wallet users. The scammers used phishing emails that directed users to a fake version of the Ledger website, with a modified character in the URL, just like in the previous case with MyEtherWallet. On the fake site, the victims downloaded malware posing as a security update, which then withdrew coins from their Ledger wallet. It follows that even hardware wallet users are not protected from phishing attacks.
The same type of attack has been used against users of crypto exchanges. The user receives an email with a link to a site that is identical to the real one, but with a slightly modified URL. In this way, attackers steal usernames and passwords and, under certain conditions, can steal cryptocurrency from the exchange wallet. However, users can protect themselves even in the event of a successful attack, as exchanges offer additional protection tools against such cases.
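A defender-side check for the "one modified character in the URL" pattern described above, as an added example that is not part of the original article. The allowlist uses constructed `.example` domains and the edit-distance threshold of 2 is an assumption; substitute the domains you actually use.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumption: constructed allowlist standing in for the wallet and exchange domains you use.
TRUSTED = ("wallet.example", "exchange.example")

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def fold(host):
    """Decode punycode (xn--) labels, then strip accents so they cannot hide a match."""
    try:
        host = host.encode("ascii").decode("idna")
    except UnicodeError:
        pass  # already Unicode, or not valid IDNA: compare as given
    decomposed = unicodedata.normalize("NFKD", host)
    return "".join(c for c in decomposed if not unicodedata.combining(c))

def check_link(url):
    """Return (verdict, trusted domain it matches or imitates)."""
    # .hostname ignores any "user@" prefix, so the real destination host is judged
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    for good in TRUSTED:
        if host == good or host.endswith("." + good):
            return "trusted", good
    folded = fold(host)
    for good in TRUSTED:
        labels = good.count(".") + 1
        tail = ".".join(folded.split(".")[-labels:])  # same number of labels as the trusted name
        if edit_distance(tail, good) <= 2:
            return "lookalike", good
    return "unknown", None
```

A "lookalike" verdict means the link should not be opened; "unknown" only means the host resembles nothing on the allowlist, not that it is safe.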
Stealing API keys
Some traders use trading automation tools called trading bots. To use such software, the user must create API keys with certain permissions so that the bot can manage its balance.
Usually, when a user creates an API key, the exchange requests the following permissions:
- View. Permission to view data associated with a user account, such as trade history, order history, withdrawal history, balance, some user data, etc.
- Trading. Permission to place and cancel an order.
- Withdraw funds. Withdrawal permission.
- IP whitelist. Allows to perform operations only from specified IP addresses.
API keys for trading bots require permissions to view, trade, and sometimes withdraw funds.
There are various ways to steal user API keys. For example, cybercriminals often create malicious “highly profitable” free trading bots to persuade users to enter their API keys. If the API key has permission to withdraw funds without IP restrictions, then hackers can instantly withdraw all cryptocurrency from the user’s balance.
Even without permission to withdraw, hackers can steal users’ cryptocurrencies by “pumping” funds through a specific cryptocurrency trading pair with low liquidity. The most striking examples of such attacks are the Viacoin pump and the Syscoin pump, where hackers accumulated these cryptocurrencies and sold them at a significantly inflated price, pumping the price with funds from user balances to which they had stolen access.
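An audit of API key settings against the two risks described above (withdrawal without IP restriction, and trade-only keys usable from anywhere), as an added example that is not from the original article. The key layout, the permission names `view`/`trade`/`withdraw` and the "/24 or narrower" rule are assumptions; real exchanges export key settings in their own formats.

```python
import ipaddress

def whitelist_is_effective(entries, min_prefix=24):
    """True only if every entry parses and none covers a huge range such as 0.0.0.0/0."""
    if not entries:
        return False
    for entry in entries:
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            return False  # unparseable entry: treat the whitelist as broken
        # Assumption: wider than /24 (IPv4) or /64 (IPv6) is too broad to count as a restriction.
        limit = min_prefix if net.version == 4 else 64
        if net.prefixlen < limit:
            return False
    return True

def audit_key(key):
    """Rate one key given as {'permissions': set, 'ip_whitelist': list} (hypothetical layout)."""
    perms = set(key["permissions"])
    restricted = whitelist_is_effective(key.get("ip_whitelist", []))
    findings = []
    if "withdraw" in perms:
        findings.append("withdraw permission enabled: remove it unless the bot needs it")
    if not restricted:
        findings.append("no effective IP whitelist")
    if "withdraw" in perms and not restricted:
        risk = "critical"  # a stolen key can empty the balance directly
    elif "trade" in perms and not restricted:
        risk = "high"      # a stolen key can still trade the balance away
    elif "withdraw" in perms:
        risk = "medium"
    else:
        risk = "low"
    return risk, findings

# Constructed sample: a trade-only key whose "whitelist" allows every address.
SAMPLE = {"permissions": {"view", "trade"}, "ip_whitelist": ["0.0.0.0/0"]}
```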
Exploits in downloaded files
There are many zero-day and one-day exploits for MS Word, Excel and Adobe products that are designed so that antivirus products cannot detect the malware and that give attackers full access to victims’ devices and their internal infrastructure.
A zero-day is a vulnerability in software, hardware, or firmware that is unknown to the party or parties responsible for developing and supporting the product. The term “zero-day” can refer to the vulnerability itself or to an attack that occurs with zero days between the discovery of the vulnerability and the first attack. After a zero-day vulnerability becomes publicly known, it is referred to as an n-day or one-day vulnerability. Once a vulnerability is discovered in the software, the development of malicious code begins; this code uses the vulnerability to infect individual computers or computer networks. The most famous malware exploiting a zero-day vulnerability in software is the WannaCry worm, a virus that extorted bitcoins to decrypt files on an infected computer.
However, there are many other malicious programs on the network that can access users’ cryptocurrency wallets, as well as cryptocurrency exchange applications, using zero-day, one-day or n-day exploits. The most famous case of such an attack in recent years was the WhatsApp exploit, as a result of which attackers could collect data from users’ crypto wallets.
Due to the active growth of the DeFi market, scammers are constantly launching new projects that are almost exact clones of existing projects. After users invest in these projects, the scammers simply withdraw the funds to their own wallets. The biggest scam of this kind to date is the YFDEX case, when cybercriminals stole 20 million in users’ funds 2 days after the launch of the project. Such scams are very common because in most cases project team members are anonymous and have no legal obligation to users. Previously, such cases of fraud were mainly associated with ICO projects.
However, similar incidents have occurred with centralized platforms. One example is the QuadrigaCX case, when the founder of a centralized exchange died, leaving the platform without access to its wallets and unable to process the withdrawal of more than $171 million of customer funds. As a result, only $30 million of lost funds can be returned.
Such cases happen all the time, so you need to carefully study the platform before transferring your money there.
During the existence of the cryptocurrency industry, many fake platform applications or wallets have been created. After you make a deposit to such an application, you will find that you have lost your cryptocurrency.
Attackers also create copies of existing applications by adding malicious code. There have also been cases when cybercriminals created “new” fake applications for platforms that do not have mobile or desktop versions. One example is the 2017 Poloniex case, when users entered their credentials and thereby passed them on to attackers. This led to the theft of funds from inattentive users.
Since most crypto wallets are open source, anyone can create their own copy of a wallet and inject malicious code. Topics about such wallets constantly appear on popular cryptocurrency forums, for example, about the fake Trust Wallet application. Currently, there are more than 10 copies of this wallet, each of which may contain malware.
How to protect yourself from intruders?
Attackers use a variety of methods to steal user funds and data. Therefore, we recommend that you adhere to the following rules to protect yourself from intruders:
- Always check the domain you receive emails from.
- Install the AntiPhishing code or its analogues if the platforms you use support such functionality.
- Only fund reputable exchanges. You can check the ratings of exchanges on the following services: BeInCrypto, Coingecko, Cer.live, Coinmarketcap, Cryptocompare, etc.
- Set up an IP whitelist for login if the platforms you are using support such functionality.
- Always research a crypto wallet before deciding to install it on your phone, even if it’s listed in the app store.
- Set up a whitelist of IP addresses for API keys.
- Do not invest in recently launched projects that have no information about the team, investors, etc. During the DeFi hype, scammers launched dozens of scam projects to steal cryptocurrency from investors.
- Make sure you download documents and other files from a trusted source.
- Always carry out regular security updates for your operating system.
- Download apps and their updates only from official sites.
Along with the growth of the cryptocurrency market, new schemes are emerging to steal funds and user data. You must be very careful with email and other notifications. Using the above 10 rules, users can protect themselves from intruders.