As the cryptocurrency and digital asset markets mature, so do hackers’ approaches to compromising exchanges, asset owners, and other parts of the crypto-financial ecosystem. Cryptocurrencies’ role in attacks used to be limited to ransomware payments, but the market has changed. In leveraging cryptocurrency for ransomware payments, hackers have had to educate themselves on these systems, giving them awareness and understanding of various platforms in the space, the security controls they do or don’t have in place, and their potential weaknesses.

For a long time, banks, credit unions, and other financial services have had to perform customer due diligence, also called “know your customer” (KYC), to comply with anti-money laundering (AML) laws. And while many exchanges, particularly ones that serve US citizens and customers in other developed countries, already perform this same KYC process, the global nature of cryptocurrency means that not all exchanges (such as the Russian-based Suex, which was sanctioned) and other financial ecosystem providers are operating under these rules. Global crypto exchanges that want to maintain credibility must implement some of the same controls used by banks and others to ensure they know their customers and the nature of their transactions.

Don’t Sleep on Phishing Threats
At this point in the cybercrime life cycle, we probably all have received an email from an imposter posing as a bank we do business with, asking us to log in and verify something on our account. If you do log in and provide the requested credentials, you quickly fall victim to a phishing scam. So how have these phishing attacks made their way into the crypto world?

Crypto wallets, which store your private keys to keep your crypto safe and accessible, have become popular, particularly multicurrency wallets. The problem is that their applications are easily copied because they are Web-based or have Web-based elements (like a Chrome extension) that let you connect to your wallet through an app on your desktop, making them prime targets for phishing attacks.

If you look at how banks or other large financial institutions are normally attacked, you know the bad actor is going to set up a phishing site and drive traffic there through advertising, SEO results, mass emails, etc. The crypto community, however, is suffering from one-on-one support scams. Fully understanding how cryptocurrency works is hard for the average user. Often, people seek answers by going to support forums, like the Exodus wallet forum on Reddit or Telegram. There, users can get real-time answers from people who are either in support or use the wallet. But there are phishers in there, too, and these scammers try to manipulate the user into providing them with their actual login information or driving the user to a phishing page that mirrors a support page. It’s not the same issue banks face, in that the losses are real, but for crypto exchanges it’s a reputational loss that will catch up to them.

Mitigate Your Risk
The crypto market is crowded right now, and phishers know that. Fake Google ads are becoming a more popular phishing method, and these phishing pages are now getting ranked above a legit crypto or wallet homepage in a Google search. It’s easy to miss if you aren’t specifically looking for it. When the first search result is a phishing site, a user clicks on it, needs to recover a password, and the next thing you know your user is now a victim. Crypto exchanges need to implement security services that not only monitor for fake …….

Source: https://www.darkreading.com/vulnerabilities-threats/how-hackers-are-targeting-cryptocurrency
