How hackers break crypto wallets
In virtual wallets, unlike their classic counterparts, money is not actually stored. The crypto wallet contains a private key to control virtual funds and tokens for transactions. At the same time, the security of user funds depends to a large extent on the reliability of the underlying code. That is why developers try to combine security with ease of use, privacy and other popular features when creating such wallets.
But few developers, BitMarket Network Client among them, constantly improve their service. This allows hackers to find vulnerabilities in the security of such wallets.
After one of the Binance wallets was hacked, platform users lost 7,000 Bitcoin, as well as multi-factor authentication codes and API keys. Losing MFA codes increases the risk of user funds theft and can be costly for companies.
Let’s consider the most common threats for crypto wallet owners.
1. Malicious programs that replace the contents of the clipboard
Cybercriminals use this type of malware to covertly replace the contents of the clipboard during an ordinary copy-and-paste action. Such a threat was first discovered in the Google Play store, disguised as the MetaMask application. The malware replaced the addresses of Bitcoin and Ethereum wallets copied to the clipboard with addresses belonging to the attackers.
2. Fake login pages
Cybercriminals often distribute fake versions of popular crypto wallets for mobile devices or for well-known cryptocurrency exchanges. The idea behind these malicious campaigns is to fill the niche left by well-known brands and reach more potential victims.
After downloading one of the fake cryptocurrency wallets, users are taken to a login page. Such pages are often phishing pages and are used to steal the user’s private keys, which are necessary to gain control over the wallet.
3. Malicious links
Homograph attacks, which involve creating domains that look similar to those of well-known sites, have become common among cybercriminals. In fact, most of these links are phishing.
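A defensive check for the look-alike domains described above, as an added example that is not part of the original article: it decodes punycode labels, folds a few confusable characters to ASCII and compares the result with an allow-list. The TRUSTED set and the small CONFUSABLES map are constructed assumptions; a real check would use the full Unicode confusables table.

```python
import unicodedata

# Constructed allow-list of domains the user really intends to visit (assumption).
TRUSTED = {"binance.com", "metamask.io"}

# Constructed subset of look-alike characters mapped to their ASCII twins:
# Cyrillic a, e, o, p, c, x, i, s and the Latin dotless i.
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
               "\u0441": "c", "\u0445": "x", "\u0456": "i", "\u0455": "s",
               "\u0131": "i"}

def to_unicode(domain):
    """Decode punycode (xn--) labels so the form a browser may display is inspected."""
    labels = []
    for label in domain.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # malformed label: keep the raw xn-- text
        labels.append(label)
    return ".".join(labels)

def scripts(domain):
    """Approximate each letter's script by the first word of its Unicode name."""
    return {unicodedata.name(ch, "UNKNOWN").split(" ")[0]
            for ch in domain if ch.isalpha()}

def skeleton(domain):
    """Fold known confusable characters to ASCII."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in domain)

def classify(domain):
    shown = to_unicode(domain)
    if shown in TRUSTED:
        return "trusted"
    if skeleton(shown) in TRUSTED:
        return "lookalike"      # renders like a trusted name but is a different domain
    if len(scripts(shown)) > 1:
        return "mixed-script"   # e.g. Latin and Cyrillic letters in one name
    return "unknown"

if __name__ == "__main__":
    # Constructed sample inputs.
    for d in ["binance.com", "b\u0456nance.com", "w\u0430llet-example.com"]:
        print(ascii(d), classify(d))
```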
Another way to carry out phishing is by sending spam emails with malicious links, clicking on which often downloads banking Trojans such as Mekotio. Some variants of this malware can steal Bitcoin by replacing your wallet address on the clipboard. In other cases, attackers use programs to read keystrokes.
Some users use a wallet without Internet access to reduce the risk of theft or infection of their crypto wallets.
To manipulate potential victims, cybercriminals use messages such as this: “Now you can access the wallet functions directly from your browser for quick and easy cryptocurrency transactions. To register, you just need to share your recovery phrase.”
Having learned the recovery phrase, attackers can quickly clone a hardware wallet and gain access to its owner’s funds. According to some reports, the total damage from this type of fraud exceeds $250,000.
Cybercriminals are constantly improving their infection methods by finding new user or application security vulnerabilities.
To protect clients from wallet hacking, developers periodically check their services and strengthen their protection. For example, the innovative multicurrency wallet BitMarket Network Client was updated on July 9, 2021. The update included:
- Fixed Linux Wayland support
- Fixed generation of transactions for P2SH, P2WSH addresses
- Python setup tools support
The wallet's other advantages include two-factor authentication, open-source code, multi-currency and cross-platform support, a modern and simple interface, and low transaction commissions. You can buy and exchange different digital coins, including Bitcoin, Litecoin, and Ethereum, on Mac OS X, Linux, and Windows. At the moment, this blockchain wallet is in alpha version, and the project is looking for IT professionals.