The theft of crypto has been a long-standing problem within the industry from the beginning, and the fact that there is no means of resolution for disputes makes it a prime target. Also, the lack of laws and regulation combined with the lack of knowledge of law enforcement agencies make crypto a prime target for criminals. A long string of high profile cases from the past have made companies and individuals adopt more stringent measures for security, but hackers have always proving that they are smarter, finding new methods to overcome the increased security. With the price of crypto rising again there is a fear that the number of attacks will increase as it is more profitable than before. Here are a few popular methods of operations that hackers use to steal crypto.
Modus operandi
Most attacks can be classified into two broad categories, exploiting a weakness in the software user use (by infecting user computers with some kind of virus) and exploiting the weaknesses in human judgment, for example by fooling users to handover the credentials to their wallet. This kind of classification is true in an ideal sense since most attacks involve a mix of both bad judgments by the user as well as a fault in the software. Hence, it is better to classify attacks based on the method of attack as it will give a more meaningful picture.
Clipboard hijacking
This method is mostly unknown by users and those who are affected by it and leaves the victims baffled as they have no idea where the attack came from. Most users are too lazy and let’s be honest, it’s really hard to remember and type out the long alphanumeric private key. This causes users to adopt a copy paste policy, and this is what the hacker uses to launch an attack. Clipboard hijackers, also known as clippers, are a type of malware that is capable of detecting an event of the clipboard, especially those used to store a crypto wallet address. This then triggers a script that replaces the correct address with that of an attacker, resulting in digital currency flowing straight to the thief’s wallet, leaving the victim with no idea as to what is happening. The same method of clippers can be used to get passwords and keys as well.
Crypto jacking
It is the kind of theft where no money is stolen. Here, malware mines crypto on the host computer. This might sound harmless, but sometimes it can affect the victim with a big electricity bill, especially in places where the cost of electricity is high. There is also another added disadvantage that the victim faces. This is the loss of computing power. Most such jacking malware tries to run in the background without getting detected, but some are really greedy taking a huge chunk of the victims computing power. An interesting fact about such jackers is the correlation of such attacks with the price of crypto.
Cloning website
There are deep web websites that provide illegal services. It’s hard to verify the authenticity of such websites due to the nature of the deep web, and people who use such services, such as drug users, do not have the technical know how to authenticate such websites. This makes such websites an ideal candidate for cloning. The intention is to trick the drug users into transferring Bitcoin to the cloner’s account. Some cloned website like in the case of crypto hopper, even infect the visitor with both clippers and hijack software.
Social engineering
This is a favorite of scammers everywhere not just in crypto. This usually involves identity theft, and using that identity the scammer transfers funds from the victim to their account, or more commonly spend it. These types of attacks are usually less technically advanced and involve human error and lack of knowledge, but there are cases where technical methods are used. Recently, the case of SIM swapping has been increasing. In this case, we cannot blame the victim as telecommunication companies make it easier for people to port between networks, and this has made the job of scammers much easier. Once a SIM is swapped, even two-factor authentication can easily be broken. Most of the time the users are to blame for the majority of frauds involving crypto.
It might be scary at first sight that there is no course for recourse once you have been scammed, phished or even hacked, but this is the price you have to pay for the independence from financial institutions and governments in general. One thing we all have to remember is that the rules and regulations put up by the government are to prevent exactly those kind of malicious activities and criminal even though at times it might feel a bit overwhelming and unnecessary. Freedom is an old aspiration for humans, from the time of Greeks when the city-states chose war over subjugation, but there is always a price. We all love a world where the freedom offered by crypto is clubbed with the security offered by banks and government but unfortunately, for now, we have to choose between the two.
Follow us on Twitter, Facebook, Steemit, and join our Telegram channel for the latest blockchain and cryptocurrency news
