Half of crypto hacks are US based while scammers increasingly target Twitter
Cybercrime is growing at an alarming rate as cryptocurrency hackers and scammers are increasingly encouraged by the potential riches available from exploiting potential vulnerabilities in cyber security or individual’s trust.
Hackers exploit weaknesses in the programming or the interfaces between cryptocurrency investors’ digital wallets and the exchanges they use, while scammers exploit individuals’ desire for a quick profit by inventing non-existent investment schemes promising riches.
Crypto hacks leap
The rate of cryptocurrency hacks is increasing rapidly according to cybersecurity firm Group-IB, with the number of compromised exchange accounts rising 369% since 2016 to 720 accounts across every major exchange.
Group-IB’s research showed also that a third of all victims were located in the US. Russia and China completed the top-three of countries reporting the most victims of hacked accounts.
The rising rate of hacks mirrored the market highs, with incidents of stolen passwords shooting up in January by 689% compared with the monthly average.
Furthermore, the report said that more than half of the malicious traffic targeting exchanges and individuals’ wallets was coming from the US, while the Netherlands was responsible for 21.5%.
Scammers exploit Twitter trust
A separate report, also published on Monday, showed how fake Twitter accounts have been used to spread scam adverts promising digital currency “giveaways”.
Duo Security Labs researchers unravelled a cryptocurrency scam that involved an intricate network of at least 15,000 malicious bots – an implanted piece of software that carries out algorithmic and repetitive tasks.
These bots were found to be spreading fake competitions, with fake retweets and likes to further cement potential victims’ trust, or impersonating some of the crypto industry’s best known personalities and companies.
The research showed how the bots were able to siphon money from unsuspecting users by “spoofing cryptocurrency exchanges, celebrities, news organizations, verified accounts and more”.
Accounts in the cryptocurrency scam botnet were also programmed to deploy deceptive behaviours in an attempt to appear genuine and evade automatic detection, the research found.
“Users are likely to trust a tweet more or less depending on how many times it’s been retweeted or liked. Those behind this particular botnet know this, and have designed it to exploit this very tendency,” said Olabode Anise at Duo Labs.
Twitter said it was aware of such forms of manipulation and was proactively implementing a number of detection methods.