For crypto investors who have not followed the news of thefts, exchange collapses, new government regulations and are prepared to lose their entire investment, here is some advice to follow. Hackers demand payment in crypto, participate in scams that lead to crypto theft directly, or target crypto trading companies. As an individual with funds in crypto, you are likely to encounter attempts of fraudulent investment schemes, giveaways, phishing attacks, and more mischief.
The “hook” of most investment scams is the promise of incredible financial gain if you send the person in question a certain amount in crypto. While most phishing attempts happen via email, there are also instances of SMS phishing. For example, the recent data breach that occurred at the crypto trader Coinbase’s premises started with SMS phishing.
See: https://redskyalliance.org/xindustry/5-tricks-with-crypto-phishing
An employee received an SMS that urged them to click on a link and log in using their credentials. With that action, cybercriminals were given all the data they needed to gain illicit access to the company’s systems.
Individuals looking to avoid scams and subsequent crypto theft should:
- Avoid crypto giveaways, do not open/view them
- Update passwords regularly and use 2 factor authentication
- Do not link traditional bank and crypto accounts
- Know the signs of a scam messages and their time pressure and big promises that sound too good to be true. They are not.
- Avoid clicking any links that lead to the login page
- Never disclose your key, even if the request seems to be coming from the legitimate trader
The majority of cybercrime is financially motivated, it is common for criminals to demand crypto (which is more difficult to trace) during ransom and extortion attempts. For example, it was recently reported that an Australian citizen attempted to extort an unnamed emergency service for $5 million worth of crypto by threatening to start a bushfire. The service did not meet his demands, and the man was charged as a result.
Ransomware cases (in which cyber criminals lock documents and demand ransom in crypto in exchange for access to files) are increasing and putting affected users and businesses in a difficult situation. Many businesses have paid a ransom to get back access to important files.
While in many countries it is not illegal to pay up to hackers demanding ransom. In the USA, the government is discouraging the payment of any ransoms, regardless of the damage to the victims’ organizations. Making a payment can:
- Backfire once the public finds out that you have paid the ransom thus affecting your reputation and if PPI was lost/disclosed be subject to litigation.
- Give criminals monetary funds for further activity they can do the same to someone else or threaten you again, because they installed a backdoor to your servers.
- Go wrong since there is no guarantee that the hacker will give you access to your system
Any company with critical flaws that are not patched is open to possible hacking exploitations. Zero day threats are on the increase too. For example, a Trojan dubbed Parallax RAT has been discovered recently. The operator’s main target is cryptocurrency firms. As with any other Trojan malware, this one hides in different documents to sneak in the “gift horse” to targeted devices. This malicious software (AKA malware) can record keystrokes and take screenshots. This means that it can remember the password and username that a victim types in, as well as the key used for the account.
Users do not have a lot of power when it comes to fighting such advanced attacks. Crypto trading companies are responsible for securing assets as well as protecting their clients.
Be careful when you choose a crypto company. Check if they are reputable and whether they have already experienced major cybersecurity incidents in the past. Pay attention to how they resolved the issue and communicated with the public about the data breach. Advanced black hat (illegal) hackers and hacking groups typically go after companies that already have strong security, multiple solutions, and teams to manage it. But can they handle more sophisticated techniques such as Parallax RAT?
How can businesses defend against cyberattacks:
- Setting up layered security
- Testing the existing security solutions
- Strengthening the security daily
- Education and training for all employees
A data breach that compromises crypto wallets could be prevented if the company has multiple security points and protocols that cover the complete attack surface (any software and device that could be attacked). Besides setting up a strong defense strategy, it is vital to continually improve it with tools such as automated breach and attack simulation that test the security an organization has in real-time.
Today, cryptocurrency firms are up against more damaging and dangerous threats than ever before from new versions of viruses that can get into the system undetected to persistent phishing attacks. The method on which the hackers rely the most is social engineering. Phishing is also the technique that individual users can do most about.
On a personal level, learning how to recognize scam emails, avoiding links designed to collect your sensitive data, and choosing a trusted crypto entity can save you a lot of money in the long run.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs. com
Reporting: https://www.redskyalliance.org/
Website: https://www.wapacklabs.com/
LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/3702558539639477516
Comments