We’ve already talked several times about cryptomonedas and risks. A few weeks ago we commented how risky it can be to invest money in a cryptomoneda ICO. If it goes well, it can go very well. But if it goes wrong… then that. But this is not the only risk that investment in cryptomonedas has. At the risk of clearly losing our cryptosavings as in any investment if the price drops, add some attacks to cryptomoneda portfolios that can
make us lose our money if we’re not attentive, let’s see some and how to avoid them.
Troyans like CryptoShuffler
The Trojan CryptoShuffler (remember what a Trojan is, right? We talked about it a few months ago at this entrance.) gives us an idea of the inventive of cyber-criminals and how they adapt to attack where the money really is. This Trojan ‘sequestrates’ our port- papers so that when we copy an address from a portfolio or wallet of cryptomonedas to make a payment or transaction, the Trojan changes it to the portfolio of the malote. I mean, as if by making a trans
from our bank’s website to an account number, the Trojan replaced the account number with that of the offender. Don’t you think that’s a very good idea? It is not that I am inciting you to develop Trojans and do evil, but this in particular seems to me a good idea not exploited so far in other environments… following the example, I have never heard a trojano that would replace the account number in a transfer by the malote.
This is not the only Trojan in this style that exists, but it is one of the last and most striking.
How can we protect ourselves against this attack? For some of the forms we have already commented on in previous posts:
– Having our system conveniently updated.
– With a decent antivirus that is also updated.
– And of course, taking a lot of care and checking twice the address we’re going to make the payment to before giving the ‘Send’ button.
Phishing
For those who sound the term but do not know what the phishing, it’s basically those emails that came to us a few years ago posing as our bank and saying that there was a problem and we had to check our account Do you remember? cybermalote I was sending an e-mail with the logos from our bank to try to fool us and that we thought it was really about our bank, so we didn’t hesitate to enter the data that they asked us to (usually the PIN to be able to do banking operations). On-line), with which the malote crease
I was going to make transfers from our account until the bank detected something weird and warned us.
In the case of the cryptomonedas the attack is quite similar. The cybercriminal is posing as some famous mecenas- altruistic or uses some important event to announce that ‘give’ a certain number of cryptomonedas if we send a small amount first to know our portfolio number (remember that we are anonymous and our portfolio is only identified by a hash as we commented in the first entry of this series of cryptomonedas). In this example you see a contin
the cybercriminal created a Twitter account quite similar to the original Elon Musk, the CEO of Tesla and Space-X (https: / / twitter.com / elonmusk) but by doubling the letter ‘o’, so that at first glance it could go unnoticed for users:
As you can see, taking advantage of the success of the Falcon Heavy launch by Space-X (that rocket that put a car in orbit and was able to ‘return’ to earth to be reused), malote He impersonates Elon Musk using his same profile photo and says he’s going to give an amount of ETH, so he needs us to send him a small portion of that same coin simply to have the address of our portfolio and make the entry… no need to tell you how to protect us from this attack, just think that no one gives out d
I don’t like that because I am.
Attacks on the Exchanges
When we buy cryptomonedas, we can store them in our own portfolio installed on a trusted computer or trust the Exchange where we have bought them and connected to the service to carry out the relevant operations. In this case, our cryptomonedas are stored in the Exchange and susceptible to an attack on the infrastructure And someone get access to our account. This happened for example to Mt. Gox, one of the first Exchanges and where I bought my first Bitcoin, a
he was stolen a total of 744,708 Bitcoins (about $5211 million at the current price of Bitcoin) by emptying all the portfolios that were stored on the site, which meant that users lost all their Bitcoins. I didn’t give the password I sure had your account, the cybercriminals They took advantage of a vulnerability in infrastructure to sneak into and empty the portfolios.
Unfortunately We can do absolutely nothing to protect ourselves against this attack., simply look for an Exchange that offers us confidence and, in any case, install a local portfolio and transfer our Bitcoins from the Exchange portfolio to our own… but in that case you have to keep in mind that your computer must be safe, be updated to avoid attacks, realiz
a regular backup so as not to lose your money with a simple hard drive failure, connect to a secure network so that no one can capture your computer traffic, do not have the processor of our computer with the bug that allowed us to steal information from our computer, that the router we connect to by WPA2 is correct
updated to avoid WPA2 failure by which they could connect to our WifiI don’t know if the remedy is worse than the disease. What does seem clear is that everything depends on the money you have on your wallet, if you have like me a few euros… for whatever it is, you can trust a third party (Exchange) to keep our portfolio, but If you already have a respectable amount of Bitcoin equal it’s much better to keep ‘under the mattress’ on your own computer.