Author: Marcel Pechman, Cointelegraph; Compiler: Songxue, Jinse Finance
Cryptocurrency users often fall prey to cyber hackers, and Mark Cuban is just the latest example of how nearly a million dollars can quickly be drained from your digital wallet.
The security of your money can be greatly enhanced by following the three simple guidelines we will outline in this article. But before delving into these issues, it’s critical to understand the types of threats that exist today.
FBI has clear evidence of Lazarus group
The Lazarus group is known for sophisticated attacks associated with various cyberattacks and cybercriminal campaigns, including the WannaCry ransomware attack.
WannaCry disrupted critical operations for many organizations, including healthcare and government agencies, by encrypting files on infected computers and demanding a ransom payment in Bitcoin.
One of the earliest cryptocurrency-related hacks was the breach of South Korean cryptocurrency exchange Yapizon.
Lazarus Group’s activities in the cryptocurrency space have raised concerns. In 2022, for example, the group was linked to a series of high-profile cryptocurrency hacks, including the theft of $620 million from the Axie Infinity bridge.
The FBI blamed the Alphapo, CoinsPaid and Atomic Wallet hacks on Lazarus Group, saying the group's total losses from all these hacks in 2023 exceeded $200 million.
This month, the FBI blamed the Lazarus Group for a $41 million hack of the website Stake, which was carried out through a phishing campaign targeting some of its employees.
Most hacking attacks involve social engineering and exploit human error
Contrary to what movies usually show, where hackers either gain physical access to a device or brute force passwords, most hacks actually occur through phishing.
These hackers may impersonate a customer support representative or other trusted figure to trick victims into handing over personal information.
For example, a hacker might impersonate a company's IT support staff and call employees, claiming they need to verify login credentials for a system update. To build trust, attackers may use public information about the company and the target's persona.
Phishing attacks involve sending spoofed emails or messages to trick recipients into taking malicious actions. An attacker might impersonate a reputable organization (such as a bank) and send users an email asking them to click a link to verify their account. The link took them to a fraudulent website and their login credentials were stolen.
Bait attacks offer victims something enticing, such as free software or job opportunities. Attackers pose as recruiters and create convincing job postings on reputable job sites. To further build trust, they might even conduct fake video interviews and then notify candidates that they have been selected. Hackers continue to send seemingly innocuous files, such as PDFs or Word documents, that contain malware.
How Cryptocurrency Investors Can Avoid Hacks
Fortunately, despite the increasing skills and capabilities of today's hackers, there are three simple steps you can take to keep your money safe. Right now:
Use a hardware wallet to store your crypto assets long-term. Hardware wallets are not directly connected to the internet, which makes them highly secure against online threats such as phishing attacks or malware. They provide an extra layer of protection by keeping your private keys offline and away from potential hackers.
Enable two-factor authentication.
Use caution when clicking links in emails and social media. Scammers often use enticing offers or freebies to lure victims. Use a separate "burner" account or wallet to experiment with new decentralized applications and airdrops to reduce the risk of losing your funds.
