The most effective way to steal crypto-currencies and token-ICO-projects is phishing — gaining access to sensitive data through fake websites. Most of all fake copies were at the site of one of the most popular Ethereum-wallet — MyEtherWallet. Often the spread of phishing attacks associated with the human factor. And to reduce their exposure, experts advise investors to act without haste, not to lose control over the flow of information.
The main purpose of the attacks of cybercriminals on the market are kritovoulos ICO (Initial Coin Offering, the initial placement of tokens). While the most commonly used tool for this kind of theft — phishing attacks. Such a conclusion in their new study, the specialists international company for the prevention of cybercrime, Group-IB (“y”). Most active hackers on this segment of the market was observed in the period from the second quarter of 2016 first quarter of 2017. According to Group-IB, with the help of phishing during the period in question was stolen about $115 million In total, 56% of all lost on the ICO funds accounts for theft using phishing.
Phishing Scam using e-mail, forum messages and SMS. The victim follows the link to the phishing site, a domain which is very similar to the real one and enter your own private data. Using them, the criminals are stealing the money of the victim. The largest theft of cryptocurrency in the result of phishing attacks have occurred in 2015 from the stock exchange Bitstamp of about 19 thousand bitcoins (about $5 million at the then exchange rate).
Typically, phishing is used to steal private keys (special codes) from cryptocurrency wallets. Clicking on the fake website link pseudo-ICO, owner of cryptocurrency enters his access code into the form, at which point it becomes a known criminal. The other option — sending a request to transfer funds. The victim tries to make a transfer to a bogus website, using the confidential data that also compromised by.
According to the aggregator Etherscamdb.info at the beginning of 2018 in the network, there were 2581 phishing site, which is a “clone” of the ICO projects on the platform Ethereum. Of these, the largest number — 2214 — was a phishing copy of the website cryptocurrency wallet MyEtherWallet (the MEW website MyEtherWallet.com). “MEW is one of the most popular in the world of wallets for storage of Ethereum cryptocurrency and token based on it. So he undergoes the highest number of phishing attacks”, explains the head of security the blockchain projects of Group-IB Alexander Lazarenko. So, from the beginning of 2018, MEW has experienced two serious cyber attacks. The last one occurred in early July. Then was compromised by the popular VPN-service Hola, created the danger of cracking cryptocell everyone who has used this plugin. Earlier, in April, was hacked DNS servers MyEtherWallet that allowed the attackers to redirect users to the MEW to a fake website and steal their private data.
According to participants of the cryptocurrency market, widespread phishing attacks related to the human factor. “When people invest in a hurry, they tend not to spend time on the control of information. So often do not check the legitimacy of mail and domain addresses”,— complains Alexander Lazarenko. “The difference in one letter in a domain name can cost you all the assets. You need to be careful and do not click on suspicious links,”— said the representative of kleptomanka Wirex novel Zabuga.