Lessons learned from the many crypto hacks
The one poignant lesson that crypto investors globally have learned over the years is that despite the immutable, impenetrable nature of the technology behind cryptocurrencies and blockchain, their crypto investments and transactions are not secure.
2018, for example, witnessed some of the largest crypto exchange hacks globally. Not to mention, the alarming volatility in the crypto market that continues to make headlines each day. According to the Cryptocurrency Anti-Money Laundering Report published by Cipher Trace, a blockchain security firm, 2018 witnessed a loss of over $1billion in cryptocurrencies, with the hack of the Japanese crypto exchange, Coincheck, accounting for more than half of that loss. Other notable breaches include Italy’s BitGrail and South Korea’s Coinrail. In addition, $9 million is stolen from crypto wallets every day. 2018’s crypto losses alone were more than three times those seen in 2017.
The hacking trend seems to continue in 2019. Cryptopia, a New Zealand-based cryptocurrency exchange was hacked halfway through the very first month of this year. This hack was followed by the data breach suffered by the Israel-based exchange, Coinmama. Although no cryptocurrencies were stolen in the latter, it did result in the leak of close to 450,000 email addresses and passwords. These types of data leaks can have far wider repercussions if not dealt with immediately.
While these hacks and breaches have had global regulators sit up and take notice, it has also clearly resulted in a loss of investor confidence in crypto. However, just because hackers are targeting the crypto world, it doesn’t mean we should steer away from crypto. Instead, investors need to question and understand the reasons behind this sudden rise in crypto cybercrime.
Hackers’ favorite methods to steal crypto
Now, if the past hacking incidents have taught us anything, it is that hackers will continue to follow the growing pool of crypto funds. They will continue to develop newer tools every day to get away with their victims’ money. In short, they will follow the money.
When it comes to targeting crypto, hackers seem to have several go-to methods that they turn to more often than others. These include, phishing and using malware droppers to infect a users’ device with a keylogger, or, buffer manipulator. By injecting scripts such as the JavaScript malware into active web sessions, hackers are silently executing bank transfers as soon as a user logs in to their cryptocurrency account. Another relatively new and sophisticated method hackers are increasingly turning to is SIM-swapping, where a victim’s phone number gets transferred to a thief’s SIM card, thereby allowing them to change passwords and access the victim’s crypto accounts. What makes it worse is that once the cryptocurrencies are stolen, they are gone for good. There’s no way to trace the transactions and there’s no one that can be held accountable.
The reality is that hackers are tracking our habits. Our increased dependence on devices like mobile and desktops to surf the web, carry out crypto transactions and store crypto currencies divulge to hackers that if they find a way to penetrate our devices, access to our crypto assets is no challenge at all.
Since cryptowallets and crypto exchanges are only as strong as the devices used to host and interact with them, we must be vigilant in finding ways to secure our devices to curb the number of crypto attacks.
The need for a proactive solution
Every four seconds, hackers release a new string of malware, and by the time there is a solution to wipe away that malware, a new one is injected into the crypto space. Clearly, 30-year-old antivirus solutions will not protect us from the prevalent malicious threats to crypto. So, what can we do to ensure that we don’t lose the fight against hackers?
The only way to deal with crypto attacks, is to truly understand the ways in which the devices we use for crypto storage and transactions can and have been compromised. Once we have a good understanding of the various methodologies used for the different devices, we can then begin to implement proactive measures to secure these devices from future hacking.
To protect their devices against previously successful hacking techniques and finally have the peace of mind knowing that their crypto transactions are safe, crypto investors only have to employ simple measures. For example, by installing security features such as keystroke encryption, anti-clickjacking and anti-screen scraping on their devices, investors can essentially prevent malware from spying on and copying or gathering any critical information from their devices. Another way to keep hackers at bay is to use stronger password protection with real-time transaction verification.
While there is no sure-fire way to eliminate hackers, acknowledging that hacking attempts are inevitable, and taking proactive measures to keep out the bad actors, can go a long way in securing one’s crypto assets.