Fun

News Feed - 2023-07-05 02:07:59

Felix Ng3 hours agoDarknet bad actors work together to steal your crypto, here’s how — Binance CSOCrypto hackers have turned their attention toward the crypto user, and “security hygiene” is more important than ever, according to Binance’s Jimmy Su.2160 Total views2 Total sharesListen to article 0:00InterviewJoin us on social networksLurking in the shadiest corners of the dark web is a “well-established” ecosystem of hackers that target cryptocurrency users with poor “security hygiene,” according to Binance’s chief security officer, Jimmy Su.


Speaking to Cointelegraph, Su said that hackers had shifted their gaze toward crypto end-users in recent years.


Su noted when Binance first opened in July 2017, the team saw plenty of hacking attempts on its internal network. However, the focus has shifted as crypto exchanges continued to beef up their security.Phishing scams are particularly prevalent in emails.

They are used as a way to collect your sensitive information by impersonating someone you trust.

Use the blog below to learn how to stay safe from them. https://t.co/UtKBvR52lX— Binance (@binance) July 4, 2023


“Hackers always choose the lowest bar to achieve their goals because, for them, it’s a business as well. The hacker community is a well-established ecosystem.”


According to Su, this ecosystem comprises four distinct layers: intelligence gatherers, data refiners, hackers and money launderers.Data gatherers


The most upstream layer is what Su described as “threat intelligence.” Here, bad actors collect and collate ill-gotten intel about crypto users, creating entire spreadsheets filled with details about different users.


This could include crypto websites a user frequents, what emails they use, their name, and whether they’re on Telegram or social media.


“There is a market for this on the dark web where this information is sold [...] that describes the user,” explained Su in a May interview.


Su noted this information is usually gathered in bulk, such as previous customer information leaks, or hacks targeting other vendors or platforms.An employee of our email vendor, https://t.co/6vM4WAcJal, misused their employee access to download & share email addresses with an unauthorized external party.

Email addresses provided to OpenSea by users or newsletter subscribers were impacted.https://t.co/Osb6qqkqZZ— OpenSea (@opensea) June 30, 2022


In April, a research paper by Privacy Affairs revealed cybercriminals have been selling hacked crypto accounts for as little as $30 a pop. Forged documentation, often used by hackers to open accounts on crypto trading sites, can also be bought on the dark web.Data refiners


According to Su, the data gathered is then sold downstream to another group — usually made up of data engineers specializing in refining data.


“For example, there was a data set last year for Twitter users. [...] Based on the information there, they can further refine it to see, based on the tweets to see which ones are actually crypto-related.”


These data engineers will then use “scripts and bots” to figure out which exchanges the crypto enthusiast may be registered with.


They do this by attempting to create an account with the user’s email address. If they get an error that says the address is already in use, they’ll know if they use the exchange, which could be valuable information that more targeted scams could use, said Su.Hackers and phishers


The third layer is usually what creates headlines. Phishing scammers or hackers will take the previously refined data to create “targeted” phishing attacks.


“Because now they know ‘Tommy’ is a user of exchange ‘X,’ they can just send an SMS saying, ‘Hey Tommy, we detected someone withdrew $5,000 from your account; please click this link and reach customer service if it wasn’t you.’”


In March, hardware wallet provider Trezor warned its users about a phishing attack designed to steal investors’ money by making them enter the wallet’s recovery phrase on a fake Trezor website.


The phishing campaign involved attackers posing as Trezor and contacting victims via phone calls, texts, or emails, claiming that there has been a security breach or suspicious activity on their Trezor account.A screenshot from a phishing domain copying Trezor’s website. Source: Bleeping ComputerGetting away with it


Once the funds are stolen, the final step is getting away with the heist. Su explained this could involve leaving the funds dormant for years and then moving them to a crypto mixer such as Tornado Cash.


Related:Arbitrum-based Jimbos Protocol hacked, losing $7.5M in Ether


“There are groups that we know that may sit on their stolen gains for two, three years without any movement,” added Su.


While not much can stop crypto hackers, Su urges crypto users to practice better “security hygiene.”


This could involve revoking permissions for decentralized finance projects if they no longer use them, or ensuring communication channels, such as email or SMS used for two-factor authentication, are kept private.


Magazine:Tornado Cash 2.0 — The race to build safe and legal coin mixers# Blockchain# Darknet# Adoption# Hackers# Dark Web# Binance# HacksAdd reactionAdd reactionRelated NewsHow to use a crypto hardware wallet5 talent marketplaces to hire developersAccount abstraction will drive a billion users from Asia to Web3: ConsenSys execCurve pool imbalance triggers USDT depeg concerns: Finance RedefinedCZ, Powell and more rally to fund legal fees for on-chain sleuth ZachXBT, surpassing $1M100K ChatGPT logins have been leaked on dark web, cybersecurity firm warns

News Feed

Spot Bitcoin ETFs reverse 7-day outflow streak
Amaka Nwaokocha41 minutes agoSpot Bitcoin ETFs reverse 7-day outflow streakAs of June 25, the 11 spot Bitcoin funds that debuted in January have seen net inflows of $14.42 billion.311 Total viewsListen to article 0:00New
Floki Inu Cryptocurrency Ads Under Investigation in UK
Floki Inu Cryptocurrency Ads Under Investigation in UK The U.K.’s advertising authority has launched an investigation into advertisements for the cryptocurrency floki inu (F
Solana Might Reach $295 Once It Breaks Key Supply Zone – Details
Este artículo también está disponible en español. Solana (SOL) has captured significant attention in the crypto market after a series of volatile days that followed its b
India’s Crypto Trading Volume Plummets as New Tax Rules Enter Into Force
India"s Crypto Trading Volume Plummets as New Tax Rules Enter Into Force Crypto trading volumes in India have plummeted following the new tax law entering into force. The new rules
Cardano Bullish Pattern Suggests A Breakout – Can ADA Reach $0.54?
Este artículo también está disponible en español. Cardano (ADA) is crucial following days of heightened volatility and excitement among crypto investors. While other altc
US Senator Calls Sam Bankman-Fried to Answer for Failure of FTX and Alameda Research
US Senator Calls Sam Bankman-Fried to Answer for Failure of FTX and Alameda Research Two congressional hearings will be held next week on the collapse of cryptocurrency exchange FT
XRP Battle Between Bulls And Bears Hinges On $1.97 – What To Expect
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
Bitcoin Becomes 12th Largest Asset Worldwide by Valuation, Surpassing Visa
Bitcoin Becomes 12th Largest Asset Worldwide by Valuation, Surpassing Visa After dropping below $26,000 per unit, the price of bitcoin, the leading digital asset by market capitali
Brayden Lindrea3 hours agoWinklevoss slams DCG’s Silbert — Not even SBF was ‘capable of such delusion’In an open letter, Cameron Winklevoss slammed DCG’s Barry Silbert for allegedly playing the victim card whil
Silver Squeeze Goes Viral, Ounce of Ag Jumps Above $30, Wallstreetbets Fans Question Trend’s Legitimacy
Silver Squeeze Goes Viral, Ounce of Ag Jumps Above $30, Wallstreetbets Fans Question Trend"s Legitimacy This past week, another social media trend started on the
Nintendo will not use generative AI to build game titles
Arijit Sarkar13 minutes agoNintendo will not use generative AI to build game titlesNintendo’s president addresses the risks of intellectual property breaches with generative AI at a shareholder meeting.108 Total views4
Bitcoin, Ethereum Technical Analysis: BTC Moves Below $23,000 as Market Volatility Heightens
Bitcoin, Ethereum Technical Analysis: BTC Moves Below $23,000 as Market Volatility Heightens Bitcoin dropped to a two-week low on Feb. 9, with prices falling below the $23,000 mark