Ascryptoregainsitsvalueandevenmorevaluabletokensarelaunched,attacksagainstindividualwalletsareaccelerating.OnlyinthefirsttwoweeksofOctober,around$41Mwaslosttophishingattacks.
Morethan$41MwaslosttophishingattacksinOctobersofar.EstimatesonphishingattacksinSeptembercountincidentsthatstole$46M.Certik’sestimationismuchhigher,withanincreaseinalltypesofattacksinQ3.Asmorenewcomerstryoutcrypto,walletphishingandmaliciouslinksarebecomingmorecommon.Inthepast24hoursalone,anotheraccountlost$1.57Maftersigningapermit.
🚨3hoursago,anothervictimlost$1.57Maftersigninga\"permit\"phishingsignature.💸pic.twitter.com/wDGZIMdJ7N
—ScamSniffer|Web3Anti-Scam(@realScamSniffer)October15,2024
DefiHackLabsdiscoveredatotalofeightexploitsinOctober,withattackvaluesrangingfrom$100Kto$2.4M,dependingonindividualwallets.Thesumisrelativelysmallcomparedtotheoverallexploitsofexchangesinthepastfewweeks.However,theubiquityoftheattacksandtheeffectsonretailtradersmakephishingoneofthesignificantthreatsinWeb3usage.
Thelosseswerealsomuchhardertorecover,ashackersmovedthemthroughDEXormixers.PhishinghacksaddtothelossesfrommoreelaborateattackslikethevalidatoraddresshacksandMEVexploits.
Phishingattacksusuallyaskforactionstobesignedthroughtheuser’swallet,basedondemandstoapproveacontractorsignanothertypeoftransferorpermission.Fakephishingtokensalsotargetwalletswithcryptobalances,inanattempttoredirectfundstoafakeaddress.Permitphishingisespeciallyharmful,asitcangainpermissiontomovemultipletokens.Onesuchexamplehappenedjustdaysagowhenawalletwashackedfor$1.4Mworthofmemetokens.
Thosetypesofattackshaveexistedbefore,butareacceleratinginOctober,duetoaninflowofusers.MostoftheattacksaffectEthereum,oneofthemostliquidchains,withwell-understoodsmartcontracts.Hackersoftenuseopen-sourcecontractstogeneratemaliciouslinksorevenspecificallybuiltsmartcontractsthatlookrealistic.
HackedXaccountsdeliverfakelinks
AsthecryptocommunityismostlyactiveonX,accountsareatriskofhacking.Octoberisanextremelyriskyperiod,asthememetokenfrenzycoincideswiththegeneralmarketrecovery.Allassetsarefairgame,fromBTCandbluechipstothelastnewmemetokenthatmaygrow1,000timesormore.
OneoftheattackvectorshackedXhandles,sometimesbelongingtoinfluencersormemetokenaccounts.Insteadofsigningtobuyatoken,usersseetheirwalletsemptied.Evenpressing‘connectwallet’toalinkfromsocialmediamaycostalltheassetswithinthatwallet.Sometimes,amaliciouslinkwillbemaskedasatokenrecoverytoolorevenaprotectionagainsthacks.
LinksmayappearthroughGoogleads,invitinguserstonewchains.Again,thescamwebsitewillasktheusertoconnectawallet–andinthatcase,thebestapproachistoonlyriskthetestwithanewemptywallet.
Promisingairdropsorpointfarmingisalsoawaytoconvinceuserstoputtheirskepticismtosleepandgrantpermissiontotheirwallets.OneofthelatestXhandlestobehackedbelongedtotheSPX6900hotmemetoken,exposingpotentialbuyerstoamaliciousaddress.Sometimes,linkshideinwhatseemslikeharmlessoffersordownloadlinks.Withmorenewcomerstomemetokens,keepingtheirwalletsreadyfortradingatalltimes,suchincidentswillonlyaccelerate.
Scamadvertisingonsocialmedia,aswellasscamreplies,areoftenanothercarrierofmaliciouslinks.CompromisedDiscordserversorexpiredinvitations,aswellascallstoinstallsoftware,maydrainwallets,oreveninstallsoftwaretocompromiseprivatekeys.
cryptopolitan.com