2 min read

FBI warns hackers are targeting cryptocurrency wallets and exchanges

Graham CLULEY

July 13, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
FBI warns hackers are targeting cryptocurrency wallets and exchanges

The FBI has sounded an alert amongst owners of cryptocurrency, digital currency exchanges, and cryptocurrency payment platforms that their virtual riches are being actively targeted by malicious hackers.

As Bleeping Computer reports, the FBI has warned those who hold or handle large amounts of cryptocurrency that cybercriminals are using a variety of methods in their attempts to steal fortunes.

Techniques used by online criminals to gain access to cryptocurrency riches include SIM-swapping attacks (also known as SIM hijacking or Port Out scams).

These type of scams typically occur where a cellphone operator has been duped into giving a fraudster control over someone else's phone number, with the result that the criminal will receive security-related SMS messages (such as authentication tokens required to log into an account) rather than the account's genuine owner.

SIM-swapping attacks have become such a powerful tool for hackers who wish to seize control of an account that more and more online sites have turned their back on SMS-based authentication and moved to app-based multi-factor authentication instead, or even hardware keys.

In addition, cybercriminals have also impersonated the support staff at cryptocurrency exchanges and payment platforms, duping users over the telephone to hand over credentials or tricking them into allowing malicious remote access code to be run on their computers.

This type of "tech support scam" is far from novel, but historically has most often been successful against the elderly and vulnerable members of society.  The cryptocurrency fortunes potentially accessible to malicious hackers has clearly driven fraudsters to widen their net for victims.

Users who receive suspicious communications are advised to contact exchanges and payment platforms directly via their official phone numbers and email addresses, rather than trust unsolicited emails and phone calls blindly.

Meanwhile, companies running the cryptocurrency exchanges and platforms themselves are encouraged to be on the look out for suspicious emails that spoof their address, and monitor the activity of recently-created accounts.

As Bleeping Computer describes, the warning about the attacks was issued by the FBI via a TLP:Green Private Industry Notification (PIN) to selected private sector organisations, but not to the wider public.

Nonetheless, everyone would do well to follow the advice to be wary of unsolicited communications, enable multi-factor authentication where available (preferably not via SMS), and follow best security practices when it comes to choosing strong, unique passwords and keeping PCs malware-free.

tags


Author



Right now

Top posts

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Authorities Dismantle iSpoof Criminal Phone Spoofing Operation, Arresting 142 Authorities Dismantle iSpoof Criminal Phone Spoofing Operation, Arresting 142
Vlad CONSTANTINESCU

November 25, 2022

1 min read
975 Arrested by Interpol Over Phishing, Romance Scams, Sextortion and Investment Fraud 975 Arrested by Interpol Over Phishing, Romance Scams, Sextortion and Investment Fraud
Filip TRUȚĂ

November 25, 2022

2 min read
How SIM Swapping Attacks Work and How to Protect Yourself How SIM Swapping Attacks Work and How to Protect Yourself
Filip TRUȚĂ

November 25, 2022

3 min read