fbpx
Money

Common Tactics Used To Hack A Cryptocurrency Exchange

A lot of amateur cryptocurrency traders and retail investors are starting to lose interest in this booming industry because of the lengthy and painful decline on the market of digital currencies.

Few of those who purchased Bitcoin for $20,000 believe they can sell their funds at the same rate, not to mention any chance of profit. That’s because brokers still cannot break the back of traders and move down to the critical psychological threshold of $5,000.

In spite of that, the cryptocurrency business continues to evolve and scale. This primarily applies to specialized trading platforms. While the failed investors are feeling helpless, new players are entering the game, including Goldman Sachs and Intercontinental Exchange (ICE), the parent company of the New York Stock Exchange (NYSE).

Goldman Sachs is planning to allow its customers to trade Bitcoin futures, whereas ICE will offer swap contracts to banks so that clients can get their cryptocurrency the day following the purchase transaction.

While some low-skilled investors are abandoning the business, the big names are just starting to break new ground that has a huge potential. With that said, it’s quite likely that cybercriminals will target this industry more heavily.

Security analysts single out several main techniques used by threat actors to hack cryptocurrency trading platforms. The list below reflects the common attack vectors and highlights the countermeasures that every user of these platforms should follow.

Phishing Emails

Imagine the following scenario: security systems of the cryptocurrency exchange you are using have purportedly detected suspicious activity in your account. In response to this, the service has sent a notification to the email address you indicated in your profile. The message contains a hyperlink and a recommendation to change your password immediately in order to prevent your funds from being stolen.

Despite the whole simplicity of this scheme, many newbies have actually got on the hook and continue to fall for it. If you follow that link, there will typically be several fields to fill out: your old password, new password, and confirmation of the new password. This way, while trying to maintain control of their funds, lots of traders unknowingly hand them over to crooks.

There are several simple rules that will keep you safe:

  • Do not open emails from unknown sources.
  • Do not send your personal information to third parties.
  • Scrutinize the sender’s email address: messages from major exchanges are usually sent from official domains.

Phishing Sites

All cryptocurrency traders are, obviously, literate people. However, when it comes to typing the name of an exchange in the address bar correctly, or visiting its website via a hyperlink, many of them overlook misspellings and a missing security verification icon in the browser.

As soon as such hapless traders enter their username and password, the malefactors obtain virtually all the credentials they need to access the account. The only way to avoid this fraud is to pay close attention to detail, because phishing-related copycats of popular trading platforms are unlikely to vanish in the near future.

  • Bookmark your main trading website and visit it only by clicking this bookmark.
  • Always use the best VPNs that encrypt your traffic.

Email Hacking

The email linked to one’s account at a cryptocurrency exchange tends to be targeted by hackers just as heavily as the account itself. Having taken control of your email, a perpetrator can send a password recovery request, set a new temporary password and easily transfer the funds to their own wallets. Two-factor authentication (2FA) is the most effective protection mechanism in this case that prevents third parties from accessing your account.

TeamViewer As An Entry Point

Unfortunately, even two-factor authentication doesn’t ensure ultimate security if Google Authenticator is embedded in a web browser on a PC. With the TeamViewer tool installed, chances are that the attacker will get access to TOTP authentication codes in real time and leverage them to hack into your profiles at the exchange.

2FA is effective as long as the application is installed on another device such as a smartphone. This reduces the risk of being hacked considerably.

A lot of cryptocurrency exchange users neglect the fundamental security practices because they are sure they will never get in trouble like the customers of Mt. Gox and Coincheck did. However, even the most sophisticated trading platforms have a number of covert vulnerabilities that threat actors can potentially exploit to hack the system.

Some people might find the enabling of two-factor authentication redundant, but you should keep in mind at all times that the black hats can outwit even the most successful traders. So, it’s imperative to follow a few basic and simple guidelines that will significantly reduce the risk of losing assets in the aftermath of hacker attacks and scams.

The author, David Balaban, is a computer security researcher with over 15 years of experience in malware analysis and antivirus software evaluation. 

This story originally appeared in CCN. Image courtesy of Shutterstock.

Join The Discussion

Cannabis Becomes Legal In Canada
Cannabis Becomes Legal In Canada [Video]
Theresa May Faces Frantic 48 Hours To Save Brexit Plan
Theresa May Faces Frantic 48 Hours To Save Brexit Plan [Video]
How Much Damage Can Saudi Arabia Do To The Global Economy
How Much Damage Can Saudi Arabia Do To The Global Economy? [Video]
Russian Suspect In UK Poisoning Is Hero To His Home Village
Russian Suspect In UK Poisoning Is Hero To His Home Village [Video]
Over 100,000 ATMS Now Let You Buy Bitcoin With A Debit Card In The U.S.
Over 100,000 ATMS Now Let You Buy Bitcoin With A Debit Card In The U.S.
Crypto Exchange Giant Coinbase Opens Office In Ireland
Crypto Exchange Giant Coinbase Opens Office In Ireland
Thai Authorities Arrest Top Suspect In Multi-Million Dollar Bitcoin Fraud
Thai Authorities Arrest Top Suspect In Multi-Million Dollar Bitcoin Scam
Bitcoin Price Explodes To $7,500 And Here's Why
Bitcoin Price Explodes To $7,500 And Here’s Why
Make 6 Figures A Year With A Free Facebook Group
Make 6 Figures A Year With A Free Facebook Group
7 Great Tips For Going Live On Facebook, Instagram Or Twitter
7 Great Tips For Going Live On Facebook, Instagram Or Twitter
5 Types Of Social Media Content That Convert
5 Types Of Social Media Content That Convert
How, When And Why You Should Use Live Streaming
How, When And Why You Should Use Live Streaming? [Infographic]
11 Facebook Updates You Need To Know For 2019
11 Facebook Updates You Need To Know For 2019
Facebook Launches Updated Education Courses For Instagram Marketers
Facebook Launches Updated Education Courses For Instagram Marketers
Vertical Video Ads Are Coming To YouTube
Vertical Video Ads Are Coming To YouTube
5 Tips For Brands On How To Use Facebook's 'Brand Collabs Manager' Tool
5 Tips For Brands On How To Use Facebook’s ‘Brand Collabs Manager’ Tool
5 Benefits Of Teaching Young Children About Entrepreneurship
5 Benefits Of Teaching Young Children About Entrepreneurship
10 Brain Hacks To Optimize Your Memory And Mental Performance
10 Brain Hacks To Optimize Your Memory And Mental Performance [Video]
16 Mental Shifts
16 Mental Shifts For Living A Happier, Wealthier, More Successful Life
The Myth Of The Digital Nomad Lifestyle
The Myth Of The Digital Nomad Lifestyle
Cannabis Becomes Legal In Canada
Cannabis Becomes Legal In Canada [Video]
Theresa May Faces Frantic 48 Hours To Save Brexit Plan
Theresa May Faces Frantic 48 Hours To Save Brexit Plan [Video]
How Much Damage Can Saudi Arabia Do To The Global Economy
How Much Damage Can Saudi Arabia Do To The Global Economy? [Video]
Russian Suspect In UK Poisoning Is Hero To His Home Village
Russian Suspect In UK Poisoning Is Hero To His Home Village [Video]