Protecting your crypto from hackers

DATE PUBLISHED: AUG 7, 2021
DATE UPDATED: OCT 3, 2023

In the landscape of 2023, cryptocurrencies have reshaped the traditional financial paradigm. We find ourselves liberated from the need for banks or financial institutions to safeguard our savings. There's no longer the arduous task of selecting and comparing payment systems for cross-border money transfers, nor do we live in constant apprehension of losing our funds due to a bank's collapse or a nation's descent into economic turmoil.

On the flip side, with great power comes great responsibility. The owner of digital assets is now responsible for their own security. Access to cryptocurrency can be lost forever, along with the wallet’s keys and passphrase, leading to unthinkable disaster.

Unlike years past, people rarely throw away their hard drives storing large quantities of bitcoin by accident. Much more often, cryptocurrency owners suffer at the hands of hackers who stole about $13.6 billion in digital assets from companies and individuals in just 10 years.

Let’s take a look at the most popular ways hackers operate, and how to protect yourself from the risk of losses.

Social engineering and phishing are present in most cryptocurrency thefts

In the landscape of 2023, hackers often refrain from employing sophisticated viruses or intricate techniques to breach the security of devices housing valuable cryptocurrencies like bitcoin or altcoins. Surprisingly, it is all too common for victims to inadvertently surrender their wallet seed phrases, providing cybercriminals with swift and uncomplicated access to the user's cryptocurrency holdings, regardless of the wallet type.

A prevalent method employed by hackers continues to revolve around enticing promises of additional rewards. These cybercriminals follow a familiar pattern, disseminating emails or personal messages through messaging platforms and social networks. Their offer? A proposition to transfer a small sum of cryptocurrency to a specified wallet, accompanied by a pledge to multiply the initial amount.

Remarkably, this scheme endures, persistently ensnaring unsuspecting individuals, even though it has been widely exposed in the media. The allure of such promises often blinds recipients, particularly when the message appears convincing, backed by personal data or the endorsement of a prominent figure or a notable celebrity promoting an airdrop.

To lend credibility to their narratives, fraudsters frequently weave real-world events into their deceptive communications. These events could range from impending blockchain updates to major developmental milestones within the cryptocurrency space.

For instance, German citizens once received messages purportedly from Elon Musk, offering a substantial discount on Tesla purchases in exchange for bitcoins. The scheme coincided with the inauguration of Tesla's Gigafactory in Germany, which lent an air of authenticity to the proposition. Despite Tesla's history of not offering discounts on electric vehicles, users were prompted to make immediate prepayments in BTC, ultimately falling victim to the ruse.

In some instances, hackers venture further, approaching individuals who have already transferred cryptocurrency, seeking to obtain the seed phrase. They cloak their requests behind seemingly plausible explanations, such as the need for verification or involvement in a smart contract.

These scams persist primarily because the cryptocurrency community still welcomes a steady stream of newcomers, individuals who may not harbor suspicions about such requests. Tragically, these unsuspecting investors often find themselves bereft of their entire cryptocurrency holdings, left with no recourse to recover their losses.

How to avoid such attacks?

Follow two simple rules

  • No airdrop on the cryptocurrency market requires the participant to pay in advance.
  • Never share your seed phrase with anyone for any reason! Your wallet seed phrase restores access to funds.

Phishing is the most widespread and subtle method of acquiring seed phrases and passwords

In the broadest sense, phishing is any method of obtaining personal information and data. Hackers are improving their phishing methods to such an extent that it’s hard for a cryptocurrency owner not to fall for their bait.

The most common phishing attack vector is to lure the wallet owner to a fake website that fully replicates the look and features of a popular crypto project. These fakes are sometimes indistinguishable from the originals, making it almost impossible for novice crypto users to tell them apart. Let’s look at ways fraudsters lure users onto such websites:

Similar address

Hackers register sites whose names closely resemble those of crypto sites that users are familiar with, but with letters mixed up or one character replaced with a look-alike symbol, such as a Cyrillic letter in place of a Latin one. For example, 3commas.io and Зcommas.io look similar, but the latter URL contains the Cyrillic letter “З” instead of the number “3”.
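The address check described above can be automated. The following Python code is an added example, not code from the original article or from 3Commas: it flags hostnames that mix scripts inside one label, that map onto a trusted name once look-alike characters are replaced, or that are a near-miss spelling of it. The allowlist, the small look-alike table and the 0.85 similarity threshold are assumptions chosen for illustration.

```python
import unicodedata
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Constructed allowlist for the example: the one real domain the article names.
TRUSTED = {"3commas.io"}

# Hand-picked Cyrillic look-alikes mapped to the ASCII character they imitate.
# An illustrative subset (assumption), not the full Unicode confusables table.
CONFUSABLES = {"\u0437": "3", "\u0430": "a", "\u0441": "c", "\u043e": "o",
               "\u0435": "e", "\u0456": "i", "\u0455": "s", "\u0440": "p"}


def letter_scripts(label):
    """Scripts of the letters in one DNS label, e.g. {'LATIN', 'CYRILLIC'}."""
    return {unicodedata.name(ch).split()[0] for ch in label if ch.isalpha()}


def check_url(url):
    """Return (hostname, findings); an empty findings list means no red flags."""
    host = (urlsplit(url).hostname or "").rstrip(".")  # hostname is lower-cased
    if host in TRUSTED or any(host.endswith("." + t) for t in TRUSTED):
        return host, []
    findings = []
    if not host.isascii():
        # The punycode form is what DNS and certificates actually carry.
        findings.append("non-ASCII hostname, ASCII form: "
                        + host.encode("idna").decode("ascii"))
    if any(len(letter_scripts(label)) > 1 for label in host.split(".")):
        findings.append("mixed scripts inside one label")
    skeleton = "".join(CONFUSABLES.get(ch, ch) for ch in host)
    for trusted in TRUSTED:
        if skeleton == trusted:
            findings.append("look-alike characters imitate " + trusted)
        elif SequenceMatcher(None, skeleton, trusted).ratio() >= 0.85:
            findings.append("near-miss spelling of " + trusted)
    return host, findings


if __name__ == "__main__":
    # Constructed sample URLs: the article's own look-alike (U+0417) and variants.
    for url in ["https://3commas.io/", "https://\u0417commas.io/login",
                "https://3comams.io/", "https://app.3commas.io/"]:
        print(url, "->", check_url(url)[1] or "no red flags")
```

The ASCII (punycode) form printed for a non-ASCII hostname is the quickest tell in practice, since a genuine all-ASCII domain never needs an `xn--` prefix.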

Malicious links

Malicious links appear in emails or personal messages asking the recipient to click the link. For example, the message indicates that the wallet account of an exchange has been hacked, requiring immediate actions from the trader.

DNS address hijacking

This attack is the hardest for the user to recognize. Messages come directly to the wallet and are therefore harder to treat with distrust.

Google ads or app stores

Hackers use ads to promote phishing sites to the top of search queries, or place malicious wallets on Google Play. Sometimes you may even see non-existent mobile apps from real developers end up in the app store.

Phishing messages on behalf of cryptocurrency exchanges

Hackers often create look-alike email addresses to reach out to the users and trick them into giving up sensitive information.

How to protect yourself from phishing?

It is worth admitting that the sophistication of phishing attacks leaves little chance for wallet owners to protect themselves. Of course, they should carefully check the addresses of visited sites, but the most effective protection is the reminder to never share your seed phrase at someone else’s request. You can also check whether any malicious activity is associated with the website you are asked to visit. VirusTotal is one of the best-known tools for this.

The biggest damage is caused by DNS-address hijacking, where attackers manage to convince the user that it is mandatory to enter the seed phrase due to the hack or a wallet update.

Regardless of how convincing and urgent the messages look, make sure you confirm the mentioned facts through the official developer’s website. Perceive all links as malicious and only download updates from official sources.

Cryptocurrency can be lost when downloading a malicious application from Google Play. Launching any new wallet and importing your keys will require the owner to provide a seed phrase. The moment it is entered, it will become available to the hacker.

To protect yourself from phishing apps, only download apps using links from official websites.

Phishing emails on behalf of exchanges are one of many complex and effective methods used by hackers. Attackers often create an email address that phonetically resembles an address belonging to the authentic service provider. The client receives an email from the existing (but hacked) Help Desk or from a similar-looking address.

A simple attack will contain a warning about the hack and a request to send the password. A more professional attacker will try to direct the client to a phishing page, where the client gives up the password of their own volition by filling in fields with account information.

Only additional protection of the trading account may help avoid such attacks. Traders must activate two-factor authentication, as well as geographical binding or binding to the device that is used for trading.

Exceptional security measures in case of hard forks and token migration

The cryptocurrency market sees frequent updates to blockchain code and smart contracts. These can lead to hard forks, which are not backward compatible, so the owners of digital currencies have to migrate to a new chain or protocol, exchanging “old” coins for upgraded versions.

In this case, the entry of a seed phrase may be necessary. Hackers take advantage of this, flooding the web with malicious links on behalf of developers who conduct a hard fork. The complexity of the migration process sometimes pushes cryptocurrency investors into the hands of cybercriminals. In this case, the loss of the deposit is guaranteed, while the requirement to enter the seed phrase does not raise suspicions.

Protecting yourself from cryptocurrency loss during token migration and hard forks

If an altcoin owner has technical difficulties and does not understand the process of migrating to a new smart contract or chain, he can entrust this process to an exchange. Search the developers’ website for a list of cryptocurrency exchanges that support the upcoming hard fork and place your deposit on one of these exchanges.

The exchange concentrates all digital assets on a particular wallet from which it will independently conduct the upgrade process. The client will only have to download a new version of the wallet from the developers’ website (if necessary) and withdraw digital assets from the exchange account.

Cryptocurrency exchanges and custodian wallets leak databases

Many investors place their digital assets on exchanges or use custodian services, companies that take over the storage of secret keys and seed phrases. This form of deposit storage creates the risk of outright loss of cryptocurrency in the event of a technical failure or hacker attack.

In this case, the owner cannot defend himself, but the company often compensates and recovers these losses. Not all hacker attacks lead to loss of deposits, which exchanges and custodian wallets try to protect reliably. Sadly, users’ personal data often gets leaked.

Leaks are dangerous because users often use the same password for multiple accounts. Knowing this, hackers can use the received email address and phone number to search databases of all exchanges and withdraw funds without hacking into the account.

Protecting an account while using an exchange or custodial service

The complexity of the password is the client’s area of responsibility. A crypto service will not reimburse deposits withdrawn using the real password.

Complex, unique passwords with letters, numbers, and symbols, at least 8 characters long, will help protect the user from having their account hacked.

Two-factor authentication and any additional anti-fraud settings should be utilized. For example, geographic location or binding to certain devices will save funds from unauthorized withdrawal, even if the password is obtained by a hacker.

Computer viruses

With the advent and rise of cryptocurrencies, computer virus developers have gained a reliable and relatively safe source of enrichment. Attackers use the fact that regulation of digital currencies in many countries’ legislation is in the grey zone, and an attack on a personal wallet will not be investigated as thoroughly as a bank account hack.

As a result, most viruses are focused on infecting computers in order to find programs and exchange applications related to digital currencies. Some viruses have a complex composition in the form of hidden mining programs and various malware that an ordinary anti-virus would not notice.

The dangers of an infected computer:

  • CPU degradation due to stealth mining
  • Spoofing of recipient’s wallet address
  • Remote control of the computer, which can lead to a loss of password files
  • Scanning the clipboard to steal exchange account email and password info

Protecting oneself from a computer virus

The standard recommendations for protection against computer viruses perfectly fit the owner of cryptocurrencies: do not download pirated software, check sites for phishing, filter emails, treat links with caution, etc.

Additional protection is required against hidden mining programs. Such solutions are already offered by Microsoft and a number of IT firms widely known for their cybersecurity achievements, like Trend Micro’s XGen Security.

The ideal option to protect against any attacks today is to keep cryptocurrency in cold storage, such as a specialized hardware device. These wallets often resemble a flash drive and have their own security chip. In addition, cold wallets are not connected to the internet. All online transactions are conducted in a special application, which protects the deposit from external attacks.

SIM swapping

Leaked databases of various cryptocurrency exchanges give hackers access to customer phone numbers and balances. Attackers can attempt to use SIM swapping to gain access to the victim’s exchange accounts.

Hackers only need to convince the mobile operator to reissue a SIM card with the same number, which unfortunately is not difficult to accomplish. In this case, they will be able to receive SMS codes, reset passwords, gain access to the custodian wallets, and block the owner’s ability to withdraw the funds.

Protecting yourself from SIM swapping

The account owner should not tie additional verification steps to their cell phone number. Instead, choose the option to receive confirmation of all cryptocurrency transfers via email.

Another option is to use a PIN code for financial transactions. In that case, the attacker will not be able to withdraw funds. Lastly, your mobile number is not the only option for two-factor authentication; use a safer solution instead (Google Authenticator, YubiKey).

Conclusion

As of today, hardware wallets are the most reliable devices to protect cryptocurrency from hackers. Placing cryptocurrency deposits on exchanges or with custodians carries a potential risk of losing your funds. 2FA, additional pin codes, and binding to specific devices can help reduce these risks.

The cryptocurrency owner’s negligence remains the main reason for losses. Do not trust unknown messages, messages promising to double your investments, or links received via email unless they come from trusted sources. And always remember to update software and applications in a timely manner to avoid becoming a victim of “internal” attacks on wallets.