4 Key Tips to Safeguard Your Crypto Assets from Hackers in This Bull Market

From selecting a reliable exchange to establishing robust security measures for DeFi protocols, security experts offer key advice to safeguard your crypto and prevent it from ending up in the wrong hands.

As we approach the next bull market, crypto users and projects need to remain vigilant, guarding against unreliable exchanges, vulnerable decentralized finance (DeFi) protocols, and the continuous threat of sophisticated phishing scams.

In January, attackers executed 30 hacks, absconding with more than $182.5 million, which represents a staggering 771% increase compared to January 2023 and an almost 84% rise from December, as per PeckShield’s data.

February set a new record for exploiters, witnessing thefts surpassing $380 million—more than double the amount stolen in January. Notably, PlayDapp lost at least $290 million, FixedFloat faced a $26 million breach, and Axie Infinity co-founder Jeff Zirlin saw $9.7 million pilfered.

“Crypto safety begins with education,” emphasized Eric Jardine, Chainalysis cybercrime research lead, stating, “For users, awareness is always crucial.”

Jardine pointed out that crypto protocols often offer extensive transparency because of their open-source nature. This transparency is beneficial for users interested in auditing the code, but it also provides opportunities for malicious actors to “scrutinize the scripts for weaknesses and strategize their exploits well ahead of time.”

“Before engaging with platforms and DeFi protocols, do your research,” advised Jardine. “Familiarize yourself with their security measures and strategies, and stay informed about how the platform is improving these aspects.”

Verify, and double-check for assurance

In 2023, phishing scams impacted more than 324,000 crypto users, leading to approximately $295 million in losses, according to analysis by Scam Sniffer.

The anti-scam platform informed Cointelegraph that “social media contains the highest number of scam links,” highlighting that these platforms frequently feature advertisements that link to malicious websites.

Pan Tao, a security researcher at Beosin, cautioned that phishing attacks on X, often masquerading as Ethereum staking opportunities and token airdrops, “have recently become frequent and effective.”

On February 25, phishing attackers breached the X account of MicroStrategy, managing to steal at least $440,000 by emptying wallets through a scam token airdrop.

The attacker allegedly steered users towards a deceptive website, microsfrategy.com, mimicking the legitimate one.

Scam Sniffer advises users to verify website URLs from multiple sources and comprehend the contract’s functionality before authorizing a transaction.
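As an added illustration of the URL check described above (not code from Scam Sniffer or from the article), this Python example flags hostnames that fall within a small edit distance of a site on a personal allowlist. The allowlist, its `exchange.example` placeholder entry, the function names and the distance threshold of 2 are assumptions.

```python
from urllib.parse import urlsplit

# Assumption: a personal allowlist of sites the user actually relies on.
# "exchange.example" is a constructed placeholder entry.
TRUSTED = ("microstrategy.com", "exchange.example")


def hostname(url):
    """Lowercased host of a URL; tolerates a missing scheme."""
    if "://" not in url:
        url = "https://" + url
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def edit_distance(a, b):
    """Levenshtein distance using two rolling rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def classify(url, trusted=TRUSTED, max_distance=2):
    """Return (verdict, domain): 'trusted', 'lookalike' or 'unknown'."""
    host = hostname(url)
    labels = host.split(".")
    for dom in trusted:
        if host == dom or host.endswith("." + dom):
            return "trusted", dom
    for dom in trusted:
        # Compare only as many trailing labels as the trusted domain has,
        # so "www.<lookalike>" is still caught.
        tail = ".".join(labels[-(dom.count(".") + 1):])
        if 0 < edit_distance(tail, dom) <= max_distance:
            return "lookalike", dom
    return "unknown", None


if __name__ == "__main__":
    # Constructed sample links; the second host is the one named in the article.
    for link in ("https://www.microstrategy.com/",
                 "https://microsfrategy.com/airdrop",
                 "https://news.example.org/story"):
        print(link, "->", classify(link))
```

An "unknown" verdict means only that the host resembles nothing on the allowlist; it still needs the cross-source verification the article recommends.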

Pan Tao cautioned that drainer-as-a-service tools, like the ones employed in the deceptive airdrop, have evolved into a “mature and convenient phishing tool.” Attackers are known to promote scams on both Google and X.

Ensuring the security of your Centralized Exchange (CEX)

Tao from Beosin noted that many newcomers to the cryptocurrency world make their initial digital asset purchases through a centralized exchange (CEX), which is controlled by a single entity.

However, there have been instances of “several CEX scams,” including significant customer fund thefts by FTX and accusations of fraud perpetrated by JPEX against its users.

Tao recommended that the selection criteria for a secure, centralized exchange should include verifying that the exchange is licensed “or at a minimum, regularly publishes proof of its reserves.”

Additionally, the exchange should have “no issues with withdrawals or exorbitant withdrawal fees,” as well as provide “prompt customer service with clear and direct responses.”

Safeguard your private keys

DeFi protocols need to prioritize security measures that address vulnerabilities both on and off the blockchain, according to Jardine.

While on-chain vulnerabilities, particularly in smart contracts, dominated DeFi hacking incidents in 2023, Jardine observed a shift throughout the year. Compromised private keys became a more significant factor, driving a larger share of hacks in the second half of the year.

The critical lesson for DeFi protocols is that their security measures need to extend beyond on-chain vulnerabilities and smart contracts, particularly as off-chain vulnerabilities become increasingly prevalent.

Jardine recommends that projects establish systems to monitor on-chain activity for potential vulnerabilities. Some firms provide products capable of alerting and responding to cyberattacks, enhancing security for third-party integrations and facilitating communication with at-risk customers.

Highlighting improved security practices in DeFi protocols, Jardine noted that losses from protocol hacks decreased by approximately 64% year-on-year, amounting to $1.1 billion for the year 2023, according to Chainalysis data.
