Blockchain is becoming the main trend in the modern financial and IT industry. However, with the growing popularity of the technology, the number of hacker attacks and all kinds of fraud increase. Here’s a look at the most popular tricks used by cybercriminals to steal your personal data and digital assets.
Typosquatters create fake websites with domain names similar in spelling to the addresses of the most popular blockchain platforms. The main goal of hackers is to collect personal data from users who have not noticed the differences. In addition to making money on displaying ads, a typosquatter can attract a fairly large number of “missed” visitors to their site, who will enter their username and password, opening access to funds in cryptowallets and other confidential data.
The Sybil attack, named after the heroine of the book with dissociative personality disorder, was first described by John Dossier, a Microsoft researcher, in 2002. Using this type of attack, a hacker can fill the blockchain network with many fake nodes (Sybil-identifiers) and cause the system to crash. On large-scale break-ins, attackers can take control of most of the processing power or hashrate, reorder or cancel transactions, and block the transfer and acceptance of blocks. This increases the risk of attack 51% and double spending.
So far, not a single case of a successful Sybil attack on cryptocurrency platforms has been recorded. Using reliable proven consensus algorithms makes it too costly and impractical. However, there is no guarantee that hackers will not come up with better methods in the future.
The danger of an attack lies in the fact that, when gaining control over more than 50% of the resources of the blockchain network, scammers can create their own controlled blockchain, which will become the main one. This makes it possible to unhinderedly undo transactions that have already been made and implement a double-spend attack, as well as receive all new coins.
To date, several successful attacks 51% on crypto platforms are known. In January 2019, the Ethereum Classic blockchain became a victim. Hackers managed to steal $ 1.1 million and transfer cryptocurrency to Coinbase. After that, cybercriminals hacked the Gate.io exchange in the same way, but later returned half of the stolen amount.
Although it is difficult to trace transactions on the blockchain, hackers can intercept user data transmitted via the Internet, including logins and passwords for various services, messenger messages, emails, etc. Having gained access to confidential information, cybercriminals carry out many fraudulent financial transactions worth millions of dollars.
Worst of all, with this type of attack, users do not notice unauthorized interference. In addition, many people trust decentralized blockchain networks and are fully confident in their security. But the point is that only three nodes are responsible for 60% of transactions. Therefore, cybercriminals can intercept 20% of Bitcoin transactions by simply dividing one node.
Phishing is one of the most popular types of attacks used by hackers for easy money. As a rule, scammers use e-mail to send letters with malicious links or files, after which the computer is infected.
Victims may also be offered some kind of attractive service or investment opportunity with great benefit. As a result, users voluntarily disclose their personal data, such as phone or bank card numbers, logins, passwords, etc.
Unfortunately, blockchain does not guarantee absolute protection against hacks, especially if hackers have sufficient resources, time and “professional” skills. In order to keep your business safe, it is very important to apply advanced proven methods of protection, as well as to regularly inform users and investors about the possible risks.