Tag: crypto hacking

Categories
Cryptocurrencies

5 Ways Investors Lost Cryptos in 2020

Without a doubt, 2020 is the year that the crypto community experienced significant growth. Cryptocurrencies regained much of their lost value and reached new heights, thanks to their growing adoption. 

Without a doubt, 2020 is the year that the crypto community experienced significant growth. Cryptocurrencies regained much of their lost value and reached new heights, thanks to their growing adoption. 

Without a doubt, 2020 is the year that the crypto community experienced significant growth. Cryptocurrencies regained much of their lost value and reached new heights, thanks to their growing adoption. 

The crypto industry continues to grow, and investors are laughing all the way to the bank. Along with all this good, there were a host of crypto scams that left investors with a bad taste in their mouths. But how did these crypto scams occur? 

Cryptocurrency losses due to hacks on the DeFi platforms, theft, and fraud amounted to $1.8 billion within the first ten months of 2020, up from $4.52 billion in the entire previous year. The 2019 DeFi volume figure was negligible, but it now appears the DeFi platforms are lucrative for bitcoin thieves. With up to $98 million in losses, DeFi hacks made up 21% of the total crypto fraud in 2020, which is quite significant. But why so many crypto scams?

The USD value in DeFi cryptos and other cryptocurrencies has grown exponentially, attracting the attention of scammers, money launderers, and DeFi protocol hackers. Everyone, including those that don’t want to put in the hard work, wants a piece of the Bitcoin profits.

Scammers use different methods to get a piece of the crypto cake, but according to a report by CipherTrace, Ponzi schemes and investment scams are two of the main ways that investors lost cryptos in 2020. 

Let’s have a detailed look at how crypto investors made losses in 2020, shall we?

1. Ponzi Schemes 

Ponzi schemes have emerged as one of the favorite vehicles for crypto frauds, and it seems they are not going anywhere. Usually, the schemes promise investors quick significant returns with little or no risk. 

The first few returns are made from recruits’ funds, serving as bait for more investment into the scheme. Most of the time, there is little or no business development in the background to support the pyramid of promised returns. Eventually, the schemes come tumbling down, and founders vanish into thin air with the investors’ money. 

The classic crypto giveaway scam moved to YouTube from Twitter in 2020. In one instance, a hacker hijacked tens of YouTube accounts to broadcast a crypto giveaway falsely promising to double your earnings within a short period. The Ponzi scheme was broadcast live on YouTube, posing as a message from Bill Gates, the Microsoft CEO. 

2. Exchange Hacks 

Centralized exchanges provide a platform for the buying and selling of cryptocurrency. They act as middlemen, with various currencies for trading in a partially regulated environment, and are a favorite of newcomers in the bitcoin industry.

Unfortunately, centralized bitcoin exchanges come with a variety of risks. For starters, the funds deposited are entirely on the platform owners’ hands, which is somewhat risky.

In September 2020, hackers made away with a large haul of cryptocurrency worth $275 million from KuCoin, a popular platform, becoming one of the largest hacks. The cybercriminals used various methods such as diversifying into multiple currencies and mixers to avoid leaving a trail. 

But the decentralized exchanges were not spared either.

Another high-profile bitcoin theft in 2020 involved the Cryptocurrency exchange Bisq where virtual currency worth $250,000 was lost. The hackers used a vulnerability introduced after a recent update to the network, allowing them to manipulate fallback addresses and send the funds to the wallets they controlled. 

Earlier in the year, IOTA Foundation had to temporarily suspend operations following a cyberattack targeting the IOTA wallet app. The organization took steps to freeze the entire system within 25 minutes of reports that cryptos were being stolen from users’ wallets. 

3. Social Media Crypto Scams

The #cryptocurrency tag on Twitter hosts who-is-who in the crypto industry, including tech engineers, investors, and programmers. But the social media platform is one of the several ways that crypto thieves used to scam people out of their hard-earned cash. 

Hackers took control of the social media giant back-end referred to as the “God Mode” by hacking Twitter employees to access high-value accounts. 

On July 15th, the verified accounts of famous personalities such as former President Barack Obama, Elon Musk, Bill Gates, and Kanye West were hacked and used in a fake crypto giveaway. The hackers promised $2000 worth of cryptocurrency for just $1000, hauling over $121k of stolen bitcoins in the process. 

4. Sim Swapping 

SIM swapping is a relatively new crypto scamming method which is also gaining a foothold. Scammers convince the mobile service provider to move a number to a new SIM card in a device they control to perpetrate crypto scams. 

The method has become too familiar, especially in the cryptocurrency and Bitcoin industry. Usually, the hackers hope to access the victims’ cryptocurrency wallet through SMS sent to their phone for two-factor authentication. 

If successful, scammers access your phone, cryptocurrency exchanges, bank accounts, and other sensitive personal information to wipe your crypto wallet dry. Recently, Harvard University Ph.D. students and professors highlighted the increased risk of SIM swaps in 2020 in a research paper. Incidentally, one of the authors fell victim to a SIM swap.

In one unfortunate incident, a man lost $24 million through SIM swapping as a part of the coordinated attack. It has emerged that the 2020 twitter hacker was part of the SIM swap syndicate. 

5. Trickery by the Phishing Websites and ICOs

2020 has had more than its fair share of phishing scams, and especially in the crypto industry. The main route is often through email, where the scammers guide people to particular websites to steal their credentials, which they use to access their wallets.

Just recently, scammers successfully tricked an astounding number of people into visiting a replicated version of the popular cryptocurrency Ripple (XRP) ledger to steal more than $280k

Meanwhile, fake ICOs or the initial coin offering occur frequently and are a significant risk for bitcoin investors. Like an initial public offering, the initial coin offering’s main objective is to raise funds for the startup. But how do fake ICOs work?

Usually, fraudsters hype the project with fake ICO details to convince the investors. They use their website to promise heaven and earth to the users and then instruct them to make deposits in provided wallets. Sometime after the deposit, it becomes more apparent to the Investor that they were scammed. 

One good example is Big Coin, which used a variety of masked campaigns. They hyped their fake cryptocurrency’s capabilities and technical progression to convince investors and steal $6 million. 

Conclusion 

With cryptocurrency, due diligence is of utmost importance before dipping headfirst into the industry. Bitcoin tends to attract attention, especially when transitioning into the bull market. Everybody wants a piece of it, and less experienced investors fail to spot the red flags, losing money in the process.

It is still a crypto jungle out there, with scammers and thieves using old tricks in the book such as Ponzi schemes, hacking, and phishing, as well as inventing new ways to shake you off of your hard-earned money. But if there’s anything that 2020 has taught us is that the internet space can be very profitable, but at the same time, very risky. Analysts are in consensus that only education can help reduce the risks of crypto scams. Take extra care when investing and accessing your cryptocurrency wallets, and the whole experience will be worth it. 

Categories
Crypto Videos

Hacking Bitcoin Wallets With A MacBook!

 

 

 

 

Bitcoin Wallet Successfully Hacked (Intentionally)


Bitcoin and Lightning Network project developer called John Cantrell managed to successfully hack a BTC wallet address by checking somewhere around a trillion seed combinations over the course of 30 hours. This feat was accomplished as part of a major contest launched on Twitter by the CIO of the Atlanta Digital Currency Fund – Alistair Milne.
Milne published several hints to a 12-word Bitcoin wallet seed over the course of a couple of days. Cantrell then succeeded to brute force the entry with 8 out of the 12 words. Of course, this hack is considered a test of resilience, and everything went as intended, so there was no harm done.


Graphics cards renting to check more combinations

Cantrell saw that his computational power wasn’t enough to perform this task, so he decided to rent additional graphics cards through GPU marketplaces as well as Microsoft’s Azure cloud computing service. It turned out that his high-end Macbook was able to check around 1,250 mnemonic combinations per second using Cantrell’s self-written CPU seed solver.
The fact that the mnemonic key was brute-forced in should not worry people, as there are way too many combinations in a 12-word key, let alone the 24-word one. In fact, this can only be a testament to how strong the network is and how hard it is to pass through the Bitcoin’s defense system.

Categories
Crypto Daily Topic

Top Tips to Secure Your Bitcoin against Theft

Bitcoin inspires all sorts of motivations – from noble ones to less noble ones. It’s an asset class that’s targeted by scammers at an incredibly high rate. Each year, individuals and crypto exchanges lose millions of dollars to such theft.

Bitcoin inspires all sorts of motivations – from noble ones to less noble ones. It’s an asset class that’s targeted by scammers at an incredibly high rate. Each year, individuals and crypto exchanges lose millions of dollars to such theft.

Bitcoin inspires all sorts of motivations – from noble ones to less noble ones. It’s an asset class that’s targeted by scammers at an incredibly high rate. Each year, individuals and crypto exchanges lose millions of dollars to such theft.

But that doesn’t mean Bitcoin or other cryptocurrencies are a security nightmare. It all really depends on how careful you are – and the measures you take to secure your Bitcoin assets. Let’s look at some easy steps you can take to protect your holdings.

Use Long and Complex Passwords

The keywords here are ‘long’ and ‘complicated.’ Even if your password is complicated enough, it’s still an easier hack than a long and complex one. For instance, a hacker would more quickly guess “pas$w0rd” than they would “Hell0Thi$isMyPas$Word”. Also, a single uppercase letter is not enough to cushion you against hacking. At the very least, make sure your wallet and account passwords meet these criteria:

  • Have lowercase letters and uppercase letters, numbers, and symbols
  • Have at least 40 characters or more.
  • Is not in obvious sequences, for example, 12345 or abcdef
  • Is not a common word or obvious character replacements
  • Is not in repeated letters/numbers or keyboard patterns like “444”, “ttt” or “cvbnm”

Now, the longer and stronger password is, the harder it is to remember. There are a few resources you can use to prevent this from happening, including a password management software or secure offline storage, like an encrypted USB drive.  Also, remember never to use the same password for more than one account. A single security breach could result in a hacker getting access to all your funds.

Enable a 2-Factor Authentication (2FA) On All Your Crypto Accounts

With a 2FA, you’re required to use two authentication factors to verify your identity. One identifier is your password, and the other could be a phone call, a biometric factor, etc. That said, you need to watch out for 2FA’s that are still vulnerable – e.g., phone calls or text messages. Hackers have devised a new trick of calling up phone companies and successfully impersonating customers, which makes a phone call or text message 2FA insecure. Instead, you could enable a 2FA via:

An authenticator app, like Google authenticator –which automatically generates 2FA codes for your account every 30 seconds, and is entirely free,

or:

A universal second factor (U2F), which is like an encrypted USB that you can insert into your device as a form of 2FA. Some trusted U2F’s include FIDO and YubiKey.

Enable IP and Wallet Whitelisting

Whitelisting is a security feature that allows you to create a list of trusted IP addresses that can interact with your funds.  Ensure your crypto exchange has these security settings:

  • IP whitelisting – which allows only authorized users to use your IP address to authorize trades, sending of crypto, or paying for things through your exchange account.
  • Wallet whitelisting – in which you share with the exchange your wallet’s public key. After that, only you will be able to withdraw funds from the exchange to your private wallet.

It’s worth noting that not all exchanges have enabled whitelisting options, so make sure to ascertain that before you sign up for any wallet.

Use a Reliable VPN on Public WiFi

Public WiFi connections in restaurants, hotels, airports, etc. are an easy target for hackers.

If you must access your crypto account on a public network, it’s highly advisable to use a reputable Virtual Private Network (VPN) such as ExpressVPN, NordVPN, Tunnel Bear, or VyprVPN. This precaution will prevent your account login information, i.e., passwords, private key, and recovery phrases from being intercepted. A VPN is an extra layer of encryption that will also conceal your identity, location, and IP address.

Separate Your Trading Funds from Your Savings

If you’re a regular trader, separate your trading funds from the rest of your funds. Keep the rest of your funds in a cold storage, e.g., a hardware wallet or a paper wallet.

This precaution is essential because storing all your funds on your exchange renders them vulnerable to hacking, phishing attacks, etc. There are many stories of hackers successfully getting away with lump sums of crypto from crypto exchanges – so be careful.

Back-Up Your Backup

Backing up your back-up means having a second line of defense in case you forget your account or wallet details.

You can do this by first encrypting a flash drive and then adding a text file of information on all your passwords, private keys, and seed phrases. To encrypt a flash drive, simply right click on the drive in your “My Computer” window and select “encrypt,” follow the instructions, and set up a password.

The second step is storing the flash drives in separate and safe places, like a safe deposit box. For an added layer of security, you could even split your private key into two flash drives, i.e., one half in one drive and the other in a second drive. That way, even if someone manages to get hold of one flash drive, they can’t access your crypto. Make sure you don’t forget the passwords, however.

Encrypt a “Digital Will”

Treat your crypto holdings like any other asset – you need to ensure they go to your beneficiaries when you’re gone. But, leaving a will for your crypto assets for your loved ones requires a bit more planning than that for traditional assets. So how do you go about it? While you will eventually have to talk to an estate planning lawyer, you can get started with the following steps:

  • Ensure your beneficiary knows the location of at least one of your encrypted flash drives.
  • Ensure they have the password to decrypt it
  • Include in the flash drive a “digital will” – a file that lets them know how exactly to access your Bitcoin.

Some people may find it challenging to understand how to handle cryptocurrency. To make it easier for your inheritor(s), try writing down the instructions in a manner that a crypto novice would understand. Let details include how to access your wallet, exchanging of cryptos to traditional currency, etc.

Don’t Brag About Your Holdings

Finally, when it comes to cryptocurrency, discretion is key. You’re much safer that way. There are a lot of people who have been targeted in extortion to ransom attacks. Often, these people were known traders, investors, or just people who couldn’t keep quiet about their hoard.

One common ploy is for extortionists to offer to buy crypto at a price way higher than the market price, and suggest a face to face meeting. Once the person arrives, they ambush them and strong-arm them into transferring the funds without payment.

It’s better to remain tight-lipped about your crypto holdings. And just to be extra safe, consider splitting your cryptos into more than one wallet to mitigate the risks of any such occasion.

Just like you would take steps to protect your other valuables – you should (and even more so) take steps to protect your cryptocurrency. Securing your crypto shouldn’t be a daunting task. Follow this guide and get started on safer interaction with your cryptocurrency today. Also, remember to do more grounded research on best practices to secure your crypto – and you’ll be good to go.