Cryptocurrency thieves have proven to be highly adaptable, constantly evolving their attack methods to exploit vulnerabilities in the industry. According to Raz Niv, co-founder and CTO at Blockaid, hackers are not necessarily always ahead of security measures but are rather adaptable to the constantly changing environment. He likens the relationship between security and cyber threats to a continuous cat-and-mouse game. Attackers are skilled at identifying and exploiting vulnerabilities in current infrastructure for their own benefit. However, Niv emphasizes that as technology develops, security measures also advance to counteract emerging threats.
Kate Kurbanova, co-founder of Apostro, highlights the frequent lack of awareness exhibited by the average crypto user, which often results in vulnerabilities that fraudsters are quick to exploit. To ensure the security of users’ finances, the crypto industry needs to spread knowledge and awareness about downloading and managing crypto apps correctly. This will empower users to protect their assets effectively.
Blockaid has identified four ingenious methods commonly employed by hackers to empty crypto wallets. These methods include phishing prowess, where cybercriminals create deceptive websites and apps that mimic popular wallets to steal login credentials. Another method is malware mischief, where hackers gain remote access to users’ holdings via viruses and Trojans. Sneaky wallet drainers, a more recent threat, involve malicious browser extensions that shadow a user’s activities, waiting for an opportunity to steal funds. Social engineering sleuths monitor social media for users sharing wallet addresses or transaction details openly, exploiting public information.
Kurbanova also emphasizes the importance of verifying the authenticity of websites before engaging in any transactions, as scammers often fabricate platforms that mimic legitimate decentralized finance protocols. Additionally, she warns against conducting transactions via or connecting wallets to public Wi-Fi as hackers can gain access to personal information through infected or cloned networks.
To protect their crypto assets, Kurbanova advises users to take security practices seriously. Firstly, it is recommended to only keep an amount of funds in crypto apps that they intend to spend immediately or can afford to lose. Getting a cold wallet and separating crypto into multiple wallets with different private keys is also recommended. Users should conduct in-depth research on any crypto app before using it, checking its development history, the team behind it, and user feedback.
Implementing strong password practices, such as using unique passwords for each app and changing them regularly, is crucial. Two-factor authentication (2FA) should be enabled whenever possible. Users should avoid using public Wi-Fi and USB ports for crypto operations, as these can be compromised by hackers. Keeping all apps and devices updated with the latest security patches and operating system updates is equally important.
In the unfortunate event that users suspect an attack on their funds, Kurbanova suggests taking immediate action. Firstly, users should not panic. They should move all remaining funds to a new wallet and refresh/relaunch the app while checking for updates in the settings. Changing all passwords and reinforcing security measures is crucial. Users should also check the wallet’s website and social media for hacker alerts and security-related information. Additionally, users can use a token tracker like Etherscan to check if unauthorized transactions have occurred and report them to the wallet provider.
If funds are missing, seeking the services of cybersecurity firms that specialize in monitoring suspicious blockchain addresses and transactions is advisable. These firms can track digital assets and potentially trace stolen funds back to the criminals and their wallets. However, it should be noted that the success of fund retrieval varies from case to case, and involving law enforcement may be necessary.
As the cryptocurrency industry continues to evolve, so do the methods employed by crypto thieves. It is crucial for users to stay informed, spread awareness, and follow robust security practices to protect their assets effectively. While no method is foolproof, implementing these measures can significantly mitigate the risk of falling victim to attacks. By taking proactive steps to secure their funds and staying vigilant, crypto users can minimize the potential for loss and ensure a safer crypto experience overall.