While we’re looking at the DeFi industry rising, it’s also good to look back at recent dangerous things that happened.
The Twitter breach and promotion of the Bitcoin scam once again drew the public attention to the increasing number of crypto hack attacks and the catastrophic consequences they may have. On July 15th, hackers managed to breach some of the most high-profile Twitter accounts, including those of Barack Obama, Joe Biden, Elon Musk and Bill Gates. The scam tweets asked from individuals to send bitcoin to a specific crypto wallet, promising that money sent would be doubled and returned as a charitable gesture. As a result, more than 320 transactions with value of around $110,000 had been raised before the scam tweets were removed.
According to Twitter, the breach occurred after several employees were the target of a phone phishing attack. The FBI has launched an investigation into the hack attack.
And this, finally, leads us to the topic of our today’s blog post. Let’s take a look at the three recent crypto hack attacks.
Ledger wallet data breach
Ledger, one of the most popular hardware wallet providers in the market, revealed in a statement that an unknown attacker breached its marketing database between June and July. The company stated that on July 14, a bug bounty program participant discovered a potential vulnerability on the website and reached out to the employees.
The hacker accessed the marketing database that Ledger used to send promotional emails to its users via an API key, compromising the email addresses of almost one million people and exposing details of 9,500 customers such as first and last name, postal address and phone number.
According to Ledger, no payment details, passwords or funds have been accessed. Ledger fixed the breach immediately and deactivated the compromised API key. The company also added that it continues to monitor online marketplaces to find any trace of stolen data.
$200 million crypto exchange hacking
Crypto exchanges continue to be tempting targets for hackers. Cybersecurity company ClearSky published the results of its research revealing that the hacking group named CryptoCore continues to target crypto exchanges. In fact, the report states that the group has launched several phishing campaigns against (at least five) crypto exchanges and stole $200 million in the past two years.
The hackers used spear-phishing attacks and social engineering techniques targeting executives and employees to gain access to wallets. Hence, the attackers managed to steal various credentials and data including username, host name, time zone, network adapter, etc. The report also notes that hackers, most likely, operate out of Ukraine, Romania or Russia.
Cryptojacking by mining
Stealth crypto mining attacks (cryptojacking), where hackers install cryptocurrency mining malware on a computer to use its power to mine cryptocurrencies, are still pretty common.
In March, a unicorn startup Acronis revealed the results of its recent cybersecurity survey, stating that 86% of IT professionals showed concern about the risks posed to their companies by these attacks.
Cointelegraph has also recently reported about the increase in cryptojacking within Mexico, while a new Microsoft report, Security Endpoint Threat Report 2019, states that India is the country with the second-highest number of cryptojacking incidents in the Asia Pacific region, lagging only behind Sri Lanka.
Final words on recent crypto attacks
Crypto hack attacks continue to grow in number and sophistication. Hackers are perfecting the old techniques and continue to add new, more advanced ones. The recent Twitter hack, promoting a Bitcoin scam, showed that the attacks aren’t limited to crypto arena only. Companies, startups and individuals are facing the challenge of finding the way to respond and protect theirs and users’ funds.