FX.co ★ Threats to cryptocurrencies in 2018
Threats to cryptocurrencies in 2018
Specialists came to the conclusion that over the past year the number of attacks on each ICO has increased 10 times; on average, each ICO is attacked about 100 times a month.
Ruslan Yusufov, the director for work with private clients, notes that now fraudsters mostly use phishing, website defacement, administrator accounts attacks (Slack, Telegram) and DdoS attacks (almost every ICO project is exposed to it). Most projects underestimate the cybersecurity risks which leads to a rapid growth of threats and successful theft.
Phishing
In more than 50% of attacks when fraudsters managed to steal funds they used phishing. For this, they build complex multi-stage schemes that cover all possible channels of influence on the community. These are fraudsters who used the banking Trojans in the past and today aime at cryptocurrencies. Not only ICO projects are at risk, but also traders and other cryptocurrency holders.
According to Group-IB, a large phishing group kidnaps from $30,000 to $1.5 million per month.
Website defacement, or targeted attacks
The second place in the list is taken by hacking into accounts, configuration errors of web application servers, and the use of vulnerable software.
As a result of the attack, the address of the wallet that receives the funds is changed. In this case, fraudsters use their own project and wallet address. From the platform for managing investment projects CoinDash, cybercriminals withdrew about $7.5 million in the first 3 minutes since the launch of the ICO.
Social media attacks
This includes the withdrawal of community representatives funds through social networks. From the end of 2017 and early 2018, specialists have recorded a surge of fraud in social networks with use of social engineering techniques (users are invited to participate in any important type of activity, announcements of winning coins in the contest, messages from the security service).
Forecasts: 4 ways of threat development to cryptocurrency projects in 2018
The projections of the Group-IB experts are not very bright. It is expected that the number of attacks on cryptocurrency projects will increase as due to the growth of cryptocurrency rates more and more intruders pay attention to this segment.
Group-IB believes cryptocurrency projects expect the following vectors of threat development.
Phishing schemes will become more difficult and automated, the level of training will increase, and the use of ready phishing kits will become very popular.
The number of social attacks will surge; hackers will increasingly attack the project team and community members.
Attackers already take the information about those market participants who openly declare the trade in cryptocurrencies. Therefore, the number of thefts of owners' coins will grow with help of messages in social networks.
The owners of cryptocurrency will be attacked by hackers using Trojans for Android. The methods for identifying cryptocurrency wallet owners and getting access will be identical to the methods used for cyberattacks on bank accounts. Most likely, the bank's Android Trojans will be adapted for this.