Some of the most popular hacking methods in the crypto space today include:
DNS Hacks
DNS hacks are more advanced than the average crypto scam. With a DNS hack, a hacker takes control of a website’s server information, redirecting users to a malicious website instead of the original site. The scammer might have a duplicate version of a crypto exchange posted on that fake site, for example, encouraging users to enter their usernames and passwords to login.
How to Avoid DNS Hacks: Double check the SSL certificate of a website before you enter login information. The URL might look legitimate, but if you don’t see an SSL certificate or verification symbol in the address bar, then the website could be malicious.
SIM Jacking and Cryptojacking
A new type of crypto theft involves stealing someone’s phone number, then using that phone number to gain access to someone’s online accounts. To do this, a hacker will contact your carrier – like AT&T – and ask the support team to switch the victim’s number to a new SIM card. The hacker controls the new SIM card. The hacker might claim the victim’s phone was stolen, for example, and that they need the phone number transferred to a new phone. If the carrier’s support team falls for this scam, then the hacker gains complete control of the victim’s phone number, bypassing two factor authentication and phone-based authentication systems, allowing the hacker to gain access to the victim’s crypto accounts.
How to Avoid SIM Jacking and Cryptojacking Attacks: Instead of using phone-based authentication, use an app-based authentication system – like Google Authenticator. As long as you have control of your phone, you’ll be able to accept or deny any authentication request. These app-based authentication systems do not rely on your phone number.
Wallet Intrusions
There are dozens of popular crypto wallets available today, including software and hardware wallets. Both software and hardware wallets, however, can have latent vulnerabilities just waiting to be exploited. Hackers will comb through a hardware or software wallet to find these vulnerabilities and then steal user funds.
How to Avoid Wallet Intrusions: Use only popular hardware and software wallets. Update software wallets frequently with the latest security patches.
51% Attacks Against Blockchains
Blockchains are secured by a network of users. This network of users verifies transactions on the blockchain without the need for a centralized authority. Once the majority of users (more than 51%) have agreed on a particular change or addition, that change or addition is added to the blockchain. This system, unfortunately, falls apart when more than 51% of users act maliciously. Sometimes, hackers will use an army of computers to launch a 51% attack against a small blockchain. The hacker’s army overwhelms the current community, allowing hackers to verify illegitimate transactions for personal gain.
How to Avoid 51% Attacks: Avoid buying or using coins on smaller blockchain networks. Larger blockchains – like bitcoin – cannot be toppled by a 51% attack because there isn’t enough computing power in the world to launch such an attack. Smaller, newer blockchains, however, can become victims of a 51% attack, particularly in the early days after launch.
Malicious Mobile Apps
Sometimes, hackers will create a mobile app and post it onto the Google Play Store or iOS App Store. Often, the app is unrelated to crypto. It might be a calculator app or a stopwatch app, for example. It’s something innocent. The app has a hidden feature, however: it scans the user’s device for private keys, crypto apps, and other crypto-related information. By the time Google and Apple identify the problematic app, it’s already too late, and users have already lost funds.
Comments