BTCUSD
D HIGH
D LOW

Data:   Charts:

Kc  · 09/01/22

Security Threats for Crypto Traders in 2020

Altcoin Trading Blog
04/08/22 · Reports

Note: This report was written in 2019 and remains published for reference purposes only.


What kind of threats can we as crypto traders and hodlers expect in 2020 and what are the ways to protect our holdings?
Subscribe to our RSS feed
Airdrops / Blog
 

Coinrule

Malware and exploits are a real maturing industry, the times are long gone when you had to be a literal high-tech lowlife in order to hack someone.

As we reported back in 2018, you can get Malware-as-a-Service for measly 20 bucks if you’re ok to try your luck with something generic in hopes there is still some low-hanging fruit left.

It’s going to be more expensive than that if you’re targeting a particular segment of the internet, especially if your target is more technically skilled than an average 70-year-old, but then these targets usually earn more when the attack succeeds. In the end, the investment may pay off.

This scenario is probably what we have been seeing in 2019 in cryptospace: Cryptocurrency-related crime and targeting of crypto-traders grew especially in the second half of 2019.

That means it’s probably making good money.

Crypto-targeted threats: What are the dangers in 2020?

Because individuals involved in crypto are high-value targets, the attackers started milking as much as they can out of every successful hack.

If you become a victim, your machine will most likely get exploited in multiple different ways.

  • Typically your device will be searched for competing malware or hidden mining software, which will be either wiped out or redirected to the latest attacker who gained access to your stuff.
  • You will be scanned for cryptocurrency wallet files - bitcoin wallets, altcoin wallets, multicoin wallets. Don’t think that using little known wallet will protect you.
  • Next your device will be searched for anything related to cryptocurrency exchanges and crypto trading platforms: Any stored access credentials, 2FA backup codes, keys.
  • You will possibly get a keylogger or similar to learn your access credentials to wallet software, exchanges and also to your email - a hacked mailbox is valuable. Even if it’s not possible to restore passwords through it, it can be at least used to send off spam campaigns from a “legitimate” email account.
  • Last but not least, if your infected phone or laptop is not a model from the year 1960, it will probably have some spare capacity for illicit Monero mining.

Crypto malware in 2020: Distribution

How are you most likely to get exploited?

Clicking on an email or social media link you did not expect

An IRS or similar official-looking file in an e-mail attachment is an old classic, but remember it might be coming from the email of someone you know if they got exploited.

Security Threats for Crypto Traders in 2020

Fake “Action required”

It could be the web wallet from blockchain.com, other hosted wallets or even trading platform accounts. If your e-mail got exposed in relation to some leaked data, as it probably happened with most of you in the 2019 BitMEX mass email fuckup, sooner or later you will get phishing emails prompting you to reset passwords or similar.

Some of these are very good - the email design will be the exact copy of what you’d get from the real site just like the imposter landing page you will end up at. Some attackers even create fake companies to buy SSL certificates for their imposter sites.

Infected trading software and trading apps

This is the most recent way of targeting crypto traders who use Mac, once the platform without viruses. (Yeah, those days are long gone too.)

The malware was hidden inside an innocent-sounding CrashReporter executable in a clone of a real Mac app for trading on multiple platforms from a single place, a popular feature that active traders and arbers always search for.

From sentinelone.com – A fake company website offering “Advanced trading functions for cryptocurrency traders that includes: technical and fundamental analysis, automated trading and many other innovative features” was used to lure victims to a Github repo containing malware hidden inside an otherwise functional application.

You see that the app was distributed via Github, not via some obscure website you never heard of.

How to protect your crypto

You might feel threatened about technically complex and expensive to pull off vulnerabilities in hardware wallets, yet meanwhile it’s getting dangerous out there.

Potential dangers come from downloading any new crypto wallet, trading application or anything that could be of interest to crypto traders - including memes which can carry steganographic payload.

It is always safer to have a triered device system for crypto, including a burner device that you use as a dumpster for every activity that is potentially dangerous.


Disclosure: All products featured on AltcoinTrading.NET are independently chosen, but some of the links on this page are affiliate links. Read our full content disclosure to learn more.

Latest Airdrops & Bounties - Updates every evening (UTC)

airdrop Lend x DAOmaker Airdrop - There is a mandatory task to vote on a project at DAOmake...
airdrop PocketInfinity Airdrop II - A Gleam airdrop with all tasks mandatory. Prize pool is 2...
airdrop MegaGleam Airdrop Batch 9 - This is a long Gleam with optional daily bonus tasks. Poo...
airdrop TigerDogi Airdrop - LATOKEN is running a bunch of new airdrops: ZFM, OMG, RFX...
bounty Lithium Ventures Airdrop - Sign in with a Web3 wallet like Metamask and complete sim...
bounty Slice Chrome Extension - The Slice app is a Chrome extension that pays you for bro...
bounty PLUR Talk NFT Retroactive Airdrop - A community platform for NFT holders built on MATIC. Foll...
exchange promo LATOKEN ZFM Airdrop and Bounty - until 5 Dec
exchange promo Football Frenzy Promo - until 18 Dec
exchange promo Zero-Fee OTC Thanksgiving Promo - until 1 Dec
exchange promo World Cup Promo on Bitmart - until 30 Nov
exchange promo Get VIP for depositing - until 10 Dec