In early July, it was reported that Bleeping Computer had detected suspicious activity aimed at defrauding 2.3 million Bitcoin wallets, which were found to be under threat of being hacked. The attackers used malware known as “clipboard hijackers”, which operates in the clipboard and can potentially replace a copied wallet address with one belonging to the attackers.
The threat of such attacks had been predicted by Kaspersky Lab in November of last year, and it did not take long to become a reality. For the time being, this is one of the most widespread types of attack aimed at stealing users’ information or money, with the overall estimated share of attacks on individual accounts and bitcoin wallets being about 20 percent of the total number of malware attacks. And it is not over. On July 12, Cointelegraph posted Kaspersky Lab’s report, which stated that criminals were able to steal more than $9 million in Ethereum (ETH) through social engineering schemes over the past year.
Experts have analyzed the data and found three main segments in particular:
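As an added illustration (not part of the original report), the heuristic below flags the behaviour described above: a copied wallet address being replaced, moments later, by a different address of the same type. The address patterns are simplified, and the clipboard timeline, sample addresses and two-second window are constructed assumptions.

```python
import re

# Simplified patterns (assumption): legacy Base58 Bitcoin and Ethereum addresses.
ADDRESS_PATTERNS = {
    "btc-base58": re.compile(r"^[13][1-9A-HJ-NP-Za-km-z]{25,34}$"),
    "eth": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

def address_kind(text):
    """Return the address type the text looks like, or None."""
    text = text.strip()
    for kind, pattern in ADDRESS_PATTERNS.items():
        if pattern.match(text):
            return kind
    return None

def find_swaps(events, window=2.0):
    """events: (timestamp_seconds, clipboard_text) snapshots in time order.
    Flags an address replaced by a different address of the same kind
    within `window` seconds, faster than a person re-copies by hand."""
    swaps = []
    prev = None  # (timestamp, kind, text) of the previous snapshot
    for ts, text in events:
        text = text.strip()
        kind = address_kind(text)
        if (prev and kind and prev[1] == kind and prev[2] != text
                and ts - prev[0] <= window):
            swaps.append((ts, kind, prev[2], text))
        prev = (ts, kind, text)
    return swaps

# Constructed sample data: none of these are real wallet addresses.
COPIED_BTC = "1" + "VictimAddr" + "A" * 23
SWAPPED_BTC = "1" + "AttackerAddr" + "B" * 21
ETH_A = "0x" + "ab" * 20
ETH_B = "0x" + "cd" * 20
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, COPIED_BTC),     # user copies the recipient address
    (10.3, SWAPPED_BTC),    # replaced 0.3 s later: flagged
    (60.0, ETH_A),
    (95.0, ETH_B),          # 35 s later: plausibly a deliberate new copy
    (100.0, "some text"),
    (100.5, COPIED_BTC),    # text followed by an address: not a swap
]

if __name__ == "__main__":
    for ts, kind, original, replacement in find_swaps(SAMPLE_EVENTS):
        print(f"{ts:>6.1f}s {kind}: {original} -> {replacement}")
```

A hit from this check is a reason to stop and compare the full pasted address against the trusted source before sending anything.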
- Attacks on the blockchains, cryptocurrency exchanges, and ICOs;
- Distribution of software for hidden mining;
- Attacks directed at users’ wallets.
Apps on Google Play and App Store
Hackers can target your virtual wallets at any time, so the basic tip for any user is not to install any unnecessary apps. It is vital to add two-factor authentication to all apps on the smartphone for your wallet security. Also, make sure that you verify the links to applications on the official site of the project. These tips can help you secure your cryptocurrency.
It has been observed that most of the victims whose crypto wallets are hacked are Android users. This is because Android does not support two-factor authentication.
Bots in Slack
Some essential tips to protect your wallets from being hacked:
- Report Slack bots to block them;
- Ignore bots’ activity;
- Protect the Slack channel, for example, with Metacert or Webroot security bots, Avira antivirus software or even built-in Google Safe Browsing.
Since mid-2017, Slack bots aimed at stealing cryptocurrencies have become the scourge of the fastest-growing corporate messenger. Most often, hackers create a bot that notifies users about problems with their crypto holdings. The goal is to get a person to click the link and enter a private key. Such bots are blocked by users as quickly as they appear. Even though the community usually reacts quickly and the hacker has to retire, the latter still manages to make some money.
Add-ons for crypto trading
Let’s take a look at some of the tips:
- Use a separate browser for operations with cryptocurrencies for your wallet security;
- Select incognito mode;
- Do not download any crypto add-ons;
- Get a separate PC or smartphone just for crypto trading;
- Download antivirus and install network protection.
Authentication by SMS
- Turn off call forwarding. This makes a hacker’s access to your data impossible.
- Give up 2FA via SMS, where the password is sent in a text message, and use a two-factor identification software solution instead.
A smartphone is always at hand, so many customers prefer it for authentication. Positive Technologies, a company that specializes in cybersecurity, has demonstrated how easy it is to intercept an SMS with a password confirmation, transmitted practically worldwide by the Signaling System 7 (SS7) protocol. Without much effort, the experts were able to hijack the text messages using their own research tool, which exploits weaknesses in the cellular network to intercept text messages in transit. The demonstration was carried out using the example of Coinbase accounts, which shocked the users of the exchange. At a glance, this looks like a Coinbase vulnerability, but the real weakness is in the cellular system itself, Positive Technologies stated. This proved that any system can be accessed directly via SMS, even if 2FA is used.
- Never perform crypto transactions through public Wi-Fi, even if you are using a VPN;
- Regularly update the firmware of your own router, as hardware manufacturers are constantly releasing updates aimed at protecting against key substitution.
Back in October of last year, an unrecoverable vulnerability was found in the Wi-Fi Protected Access (WPA) protocol, which routers use. After an elementary KRACK attack (an attack that reinstalls the key) is carried out, the user’s device reconnects to the same Wi-Fi network of the hackers. All the information downloaded or sent through the network by a user is available to attackers, including the private keys from crypto wallets. This problem is especially urgent for public Wi-Fi networks at railway stations, airports, hotels and other places visited by large groups of people.