Skip to main content

Be Wary of These Techniques Used by Hackers to STEAL Your Crypto


From phishing to crypto jacking to key-logger attacks, there are a lot of ways, hackers can steal your stash of cryptocurrency. In early July 2018, Bleeping Computers identified a suspicious activity to defraud 2.3 Million Bitcoin wallets. All these wallets were under the threat of being hacked. The malware used was “clipboard hijackers.” It operated in the clipboard and could replace the copied wallet data with one of the hackers while transferring Bitcoin to other wallets. Kaspersky Lab had predicted such type of hacking attacks in November 2017, and it didn’t take long to become a reality.
Till date, this is one of the most popular types of attack to steal user’s crypto and information. About 20 percent of the total cryptocurrency hacking attempts are made on individual’s wallets and accounts. Kaspersky Lab’s report published in Cointelegraph stated that criminals had stolen $9 million through social media engineering and other hacking techniques.


There are chances that some undetectable programs are running on your smartphone or Laptop right now, copying your every single seed, password or any button you hit on. When these programs send back or change the copied clipboard data, it becomes too easy for the attacker to gain full access to your wallets. Hackers use the vulnerability we didn’t notice. Here’s how they do it and how we can protect our wallet:

SLACK BOTS

There are many slack bots which are being used by hackers.
Since mid-2017, there have been many cases of stolen cryptocurrency through this technique. The bot sends a notification to the user’s device about issues with their wallet. The ultimate goal is to force the user to click the notification and type private key.


Image source: Steemit @sassal
TIPS
  • Report Slack-bots immediately;
  • Ignore bots’ activity

ADD-ONS FOR CRYPTO TRADING

You get extensions to do more comfortable work with wallets. But these extensions are vulnerable to hacking attacks as they are developed on JavaScript. Might be an extension is using your computing resources for mining purposes. To avoid it:
Use incognito mode. 
Use separate browser for cryptocurrency related work 
Install Network protection

SOCIAL ENGINEERING AND PHISHING

Cybercriminals also ramp up their focus on social engineering to steal cryptocurrency from newbie users. Fraudulent websites and paid ads are still on the rise even after the ban. Hackers mimic the authorization pages of exchanges and dupe users to enter the private key. To avoid it:
Enter the exchange address directly to the URL bar 
Never trust ads offering free cryptocurrencies

CRYPTOCURRENCY MINING BOTNETS

‘Botnets’ are networks malware-infected systems which can be controlled remotely. Generally, botnets are used to distribute malware or to perform DDoS attacks. But for quite a few time crypto-criminals are using it to mine cryptocurrency.

SMS AUTHENTICATION

Most of the users have mobile authentication as it is handy and they always have the smartphone. But using the SS7 protocol hackers can intercept an SMS with a password confirmation. Here’s the vulnerability is in the cellular network. To avoid it:
Stop using SMS verification 
Use software base 2FA
The bad news is there is no decrease in the activity of crypto hacking. As per JAN 2019, there are more than 11000 dark web platforms selling more than 34000 offers. Here anyone can get malicious software for an average price of $240.


Report Source: CARBON BLACK
The big question is: How do these softwares get on our computer? On June 27 a program called All-Radio 4.27 was installed unknowingly on many devices. The situation got more complicated when people were not able to uninstall it. It had given a whole suitcase of unpleasant surprises. It was found that the program had hidden miner and was monitoring the clipboard. This program was installed on the systems which have cracked games or OS versions. It’s foolish to become a scapegoat of such hacking attacks. So, in conclusion, I’ll like to remind you of advice from Bryan Wallace:
“Encryption, anti-virus software, and multi-factor identification will only keep your assets safe to a point; they key is preventive measures and simple common sense.”
Labels:

Comments

Post a Comment

Popular posts from this blog

10 Best Side Hustles Ideas You Can Start Doing This Week

Side hustles, also known as side gigs, are jobs you do outside your primary day job. These gigs can be a great way to pay off debt or earn some extra spending money. They can also be a means to tap into unused skills or explore passions. So if you’re about to start searching for a side hustle, you’ve come to the right place. Here are some tips on what makes a great side hustle, what qualities workers need to have for success and 10 gigs to consider. What The Best Side Hustles Have in Common Not all side hustles are the same. To help you choose the 10 best side gigs, we researched numerous jobs and found some commonalities such as having a low barrier of entry, flexible schedules and availability in most areas. Here are some tips on what to look for in a good one. Schedule Flexibility Rule No. 1 when starting a side hustle: Don’t let it interfere with your day job. The last thing you want to do is mess up your primary source of income, as some companies may have   policie...
Post a Comment
Read more

IRS Tax Return For Your Hard-earned Income Is Due: Here's Where You Can E-file It For FREE

What Is E-file.com? Unlike some of its competitors, E-file allows you to file state taxes only, without having to go through the federal process. It also offers a variety of forms you may need, including extension and amendment forms, to ensure you find everything in one place. The site provides a guarantee that your taxes will be done correctly. If another company finds a larger refund or lower tax liability, you’ll also receive E-file’s $100 Tax Refund Pledge Fee.  You can check out E-file’s website here . If your next question is “How much does E-file cost?”, it all depends on which service you select. Free Basic The  Free Basic service  provided by E-file.com can get your return filed by tax day without all the bells and whistles. This tier is provided for anyone who is eligible to file a 1040EZ. You won’t spend a dollar on filing your federal returns, and if you choose the Deluxe or Premium versions and E-file discovers that you’re eligible for the...
Post a Comment
Read more