1.1m XRP stolen in phishing scam on crypto wallet Ledger lookalike


0
1 share

Crypto scams and attacks are on the rise once again as the broader sector breaks out of a nearly three-year-long bear market.

The process is usually as follows: Scammers target sites like YouTube, Twitter, and Google searches to trap unsuspecting users and create either fake advertisements — such as alluring giveaways — or even create a fake website using domains similar to the original — using “0” instead of “o” or a sneaky misspelling.

XRP gone

Such an attack vector last week saw millions of XRP stolen from a fake Ledger site, with the attackers using a fake domain name and successfully swindling funds. 

The 1.1 million XRP — stolen from different users — is currently worth over $280,000, as per CryptoSlate data. As per XRP Forensics, the attackers sent the funds to Bittrex, a crypto exchange, which was “unable to seize” or flag the addresses and allowed the attackers to actualize the loot.

Bittrex did not respond to questions from CryptoSlate about the stolen funds at press time.

Expert weighs in 

Dmytro Volkov, CTO of the international cryptocurrency exchange CEX.IO, told CryptoSlate that such hacking attacks against crypto wallets are usually focused on the most vulnerable parts – user devices and the user themselves. 

“It is relatively easy to hack end-user devices or to “hack” (read trick) humans by using social engineering. Direct hacking and cracking of wallets are rare because of high information security standards and complex cryptography used in wallets,” he said.

A hack by “social engineering” was infamously seen in July’s outrage at microblogging site Twitter, which saw a 17-year-old teen from Florida target 25 high-profile political and celebrity accounts and initiate a crypto scam.

There are no reliable methods to protect from social engineering, however, there are certain widespread social engineering signs one should be familiar with. Any such signs should alert your attention and demand additional checks.

Meanwhile, Volkov suggested users check website URLs and HTTPS (SSL) certificates prior to engaging with any crypto platform — despite any visual similarities. This method — the one used by the fake Ledger website involving the stolen XRP — sees a hacker create a site similar to the real website and eventually receive a user’s password or one-time confirmation code, following which the credentials are changed and all assets (usually) transferred out.

Crypto hacks continue to rise despite a favorable year

As per an earlier CryptoSlate report, crypto attacks have marginally fallen this year, as education of additional security measures and awareness about attack vectors has been instilled among the users. Still, as the sector continues to grow and attract newer users, attackers seemingly find newer ways to bait users.

That said, another earlier report suggested exchanges and wallets remain the biggest pain point for the crypto sector with over $4 billion stolen via the two user fronts (and other hacks) in 2019 alone.

Posted In: XRP, Hacks, Scams

Like what you see? Subscribe for daily updates.

Read Also:   Overwhelming bullish sentiment once again proves costly



Google Play

Source link


Like it? Share with your friends!

0
1 share

0 Comments

Leave a Reply

1.1m XRP stolen in phishing scam on crypto wallet Ledger lookalike

by James W. Salisbury
Choose A Format
Personality quiz
Series of questions that intends to reveal something about the personality
Trivia quiz
Series of questions with right and wrong answers that intends to check knowledge
Poll
Voting to make decisions or determine opinions
Story
Formatted Text with Embeds and Visuals
List
The Classic Internet Listicles
Countdown
The Classic Internet Countdowns
Open List
Submit your own item and vote up for the best submission
Ranked List
Upvote or downvote to decide the best list item
Meme
Upload your own images to make custom memes
Video
Youtube, Vimeo or Vine Embeds
Audio
Soundcloud or Mixcloud Embeds
Image
Photo or GIF
Gif
GIF format