According to the developers of Ethereum Classic, the hacker called the domain registry and impersonated the owner of Classic Ether Wallet to hijack the site (masquerading as an executive or higher-up is an old social engineering scam that is commonly used to gain valuable data). With this kind of access, the hacker was able to redirect the domain to his own server. The hacker also inserted code on the site that enabled him to copy private keys users typed into the site, allowing the hacker to siphon funds from the victims' accounts.
In response, the Ethereum Classic team quickly notified users of the compromise through Twitter and had the site blacklisted. Users were initially greeted by a blocked notification and phishing warning, but the site has since been taken down.
Social engineering and other threats related to cryptocurrency
It’s been reported that cryptocurrency users have been significantly impacted by social engineering scams. Typically, the scammer starts by impersonating a victim and getting a service provider to give access to a phone or device linked to multiple accounts. As soon as access is granted, the scammer locks out the victim and takes everything he can from the accessible accounts. This is particularly disastrous for cryptocurrency holders since fund transactions are essentially irreversible.
Apart from social engineering, more sophisticated threats are also on the landscape, especially since cryptocurrency use is becoming more mainstream. Attackers are not limiting their targets to wallets or individuals, but are using malware to infect systems and devices for cryptocurrency-mining.
Social engineering tactics are always evolving, but the key is to recognize the threat. For offline scams like the one described above, always compare the communication received with typical behavior, past experiences and industry standards before giving away valuable information or access.
Also, do your best to secure third party services holding critical parts of your business. Make sure to put policies in place that protect access to your website and data storage.
For enterprises worried about their systems being impacted by cryptocurrency malware, regularly patching devices with the latest updates is advised.
Change your devices' default credentials and enable device firewalls (especially for home routers).
Consult with IT administrators and security experts to put countermeasures and monitoring processes in place so you can prevent or mitigate advanced threats.
Trend Micro Solutions
In addition to the best practices mentioned above, users can look into solutions such as Trend Micro™ Security and Trend Micro Internet Security, which offer effective protection for threats to IoT devices using security features that can detect malware at the endpoint level. Connected devices are protected by security solutions such as Trend Micro Home Network Security, which can check internet traffic between the router and all connected devices. In addition, enterprises can monitor all ports and network protocols to detect advanced threats and protect from targeted attacks via Trend Micro™ Deep Discovery™ Inspector.