8.2 C
New York
Thursday, November 7, 2024
HomeTechnologyCryptocurrency and cybersecurity: How investors protect their e-wallets

Cryptocurrency and cybersecurity: How investors protect their e-wallets

Important cryptocurrencies: Bitcoin, Litecoin, Ethereum. (Image: Shutterstock)
Remember Article

Despite Course roller coaster has lost none of its shine. This not only attracts new investors, but also cyber criminals. An overview of the major security risks.

With the ups and downs of the crypto currencies One trend remains constant: New investors keep pouring into the crypto exchanges. Many are investing in a digital currency for the first time – and are not aware of the associated security risks.

Methods are repeatedly discussed in the Darknet and relevant forums to get to the digital coins. Here are the four most common attack vectors used by hackers as well as tips and recommendations on how to protect e-wallets.

Eavesdropping: reverse proxy -Phishing

Phishing is the Scam to intercept sensitive information and crack accounts. It is no different with crypto wallets. However, a special shape is used here. Reverse proxy phishing is a type of domain spoofing man-in-the-middle attack. Similar to eavesdropping in a spy film, attackers secretly eavesdrop on the traffic between two unsuspecting parties.

This method is popular because it allows cyber criminals to cheat two-factor authentication (2FA). The authentication process is particularly effective in preventing third parties from hacking into someone else’s wallet using leaked or stolen login data. Reverse proxy phishing therefore takes a little detour. A phishing e-mail lures the owner of an e-wallet to a wrong page that looks very similar to the original page. The problem: the fake domain is hosted on a malicious reverse proxy server. This switches itself between the server of the victim and the server of the legitimate login page. Hence the name “Man in the Middle” (MitM). Once positioned, the reverse proxy server can observe the entire data traffic.

(Graphic: Digital Shadows)

Next, it gets the legitimate login page and loads a copy for the victim. Stolen SSL certificates ensure that the victim’s browser does not become suspicious. Unsuspecting, the owner logs into his e-wallet – as prescribed by 2FA with both credentials. The malicious server gratefully accepts it, logs on to the legitimate login page and empties the e-wallet.

What to do?

Is it switched in between, the reverse proxy server is not so easy to shake off. 2FA with a security key (hardware token) can usually ward off such attacks. However, such tokens are rarely used.

The best defense against phishing: Don’t click on suspicious emails and links! Even if it has to be quick, it is worth taking a second look at the website and URL. Scammers are terrifyingly good at recreating legitimate sites. It is best to navigate to your e-wallet directly via the provider’s homepage – and never via e-mails or third-party sites.

Cryptojacking: Hijacked computing power

In cryptojacking, attackers target the processing power of a computer. The CPU is hijacked and used by botnets to mine cryptocurrency. The computers become infected via malicious links and turn into externally controlled zombies. The mining malware runs in the background and is sometimes not noticed for years – not even by antivirus software.

Web-based cryptojacking uses scripts that run on a website or domain. If you land on the infected host while surfing the web, mining takes place via the browser. In 2017, a Starbucks branch Wi-Fi network was hacked. Guests who went online via the free WiFi also mined crypto currencies on the side

What to do?

Follow World Weekly News on

Tyler Hromadka
Tyler Hromadka
Tyler is working as the Author at World Weekly News. He has a love for writing and have been writing for a few years now as a free-lancer.

Leave a Reply

Must Read