SlowMist, an internationally famed blockchain security company, has found that more than 300 security incidents were recorded in 2022. Of these, almost one-third were phishing attacks and scams. The security company highlighted some common phishing ways scammers used to target unsuspecting victims. Some include browser bookmarks that were malicious and dodgy sales orders as well as Trojan malware applied through Discord, a messaging app.
Browser bookmarks that are malicious
Scammers use bookmark managers, features present in most contemporary browsers. Scammers exploit this to eventually gain entry to an individual’s Discord account after a scammer inserts JavaScript codes into the bookmarks using a preset phishing page. The scammers then guide the victim to include the suspicious bookmark via the crooks’ phishing page, and the scammer patiently waits till the victim clicks this particular bookmark when still logged into their Discord account. This then triggers the embedded JavaScript code, and the scammer obtains the target’s personal information.
“Zero-dollar purchases” (phishing through NFT)
Of all the notable NFT security incidents, 22 were phishing attacks. Scammers lure victims to sign over their NFTs for absolutely no cost leveraging a fake order of sale. Immediately after the victim authenticates the order, the scammers purchase the victims’ NFTs via any marketplace for a fee determined by the scammers.
Trojan horse money theft
This class of attack happens via private messages shared on the Discord app. Here, the scammer invites their victim to test a new application. The scammer then sends programs as compressed files containing up to 800-MB executable files. Once downloaded, the program scans for files with words such as “wallet,” then promptly uploads those files to a server accessible to the attacker. Such attacks have been executed through a malware called RedLine Stealer.
Scams involving numbers ending in the same way
Here, attackers airdrop a few low-value tokens as low as $0.01 to potential victims with a similar address. The only difference is in the final digits of the address. The objective is to get the user to unintentionally copy an incorrect address onto the transfer history.
The 2022 report covered a number of blockchain security issues as well as vulnerabilities in blockchain contracts, along with private key leakages.
There were about 92 attacks via contract weak spots that raked in a $1-billion loss due to hacked programs and limitations with the contracts’ design. Theft of private keys consisted of 6.6% of cyberattacks, triggering losses of about $792 million. Ronin Bridge as well as Horizon Bridge are the best examples of such recent crypto crimes.
While industry players such as HIVE Blockchain Technologies Ltd. (NASDAQ: HIVE) TSX.V: HIVE) are doing what they can to educate consumers about the cyber risks facing their digital assets, it is incumbent upon every individual to be cautious and do their due diligence before completing any crypto transaction.
About CryptoCurrencyWire
CryptoCurrencyWire (“CCW”) is a financial news and content distribution company that provides (1) access to a network of wire services via InvestorWire to reach all target markets, industries and demographics in the most effective manner possible, (2) article and editorial syndication to 5,000+ news outlets, (3) enhanced press release services to ensure maximum impact, (4) social media distribution via IBN (InvestorBrandNetwork) to nearly 2 million followers, and (5) a full array of corporate communications solutions As a multifaceted organization with an extensive team of contributing journalists and writers, CCW is uniquely positioned to best serve private and public companies that desire to reach a wide audience of investors, consumers, journalists and the general public. By cutting through the overload of information in today’s market, CCW brings its clients unparalleled visibility, recognition and brand awareness. CCW is where news, content and information about crypto converge.
To receive instant SMS alerts from CryptoCurrencyWire, text “CRYPTO” to 888-902-4192 (U.S. Mobile Phones Only)
For more information, please visit https://www.cryptocurrencywire.com
Please see full terms of use and disclaimers on the CryptoCurrencyWire website applicable to all content provided by CCW, wherever published or re-published: https://CCW.fm/Disclaimer
CryptoCurrencyWire (CCW)
New York, New York
www.cryptocurrencywire.com
212.994.9818 Office
Editor@CryptoCurrencyWire.com
CryptoCurrencyWire is part of the InvestorBrandNetwork.
