Bitcoin Scams, Hacks and Heists – and How to Avoid Them

Scams

Here’s how cybercriminals target cryptocurrencies and how you can keep your bitcoin or other crypto safe

April 15, 2024
•
,
6 min. read

Bitcoin is on a tear. The world’s largest digital currency by market capitalization surpassed its previous record value of nearly $69,000 in early March. It is now worth an estimated $1.3 trillion. Yet the fluctuating value of cryptocurrency does not necessarily correspond to the level of cybercrime activity we can observe. In fact, crypto threats have been thriving for years.

Right now, the world of crypto is gearing up for a bitcoin halving that will happen later this month. These events not only attract significant media attention and public interest in cryptocurrencies, but also attract malicious actors looking to exploit the hype around them to launch phishing scams or fraudulent investment schemes that target unsuspecting individuals.

Let’s take a look at what you need to know and do to keep your digital currency safe.

Cryptocurrency risk takes different forms

Owning crypto can be attractive to many, for its (pseudo)anonymity, low transaction costs and as an alternative investment option. But the crypto space is also something of an unregulated Wild West. Threat actors are primed and ready to mercilessly exploit any users who lack digital skills – through scams and sophisticated malware. In some cases, they may bypass you entirely and go to crypto exchanges and other third parties.

We can divide the main threats into three types: malware, scams and third-party breaches.

1. Malware and malicious applications

Detections of malware specifically designed to steal cryptocurrency from users’ wallets (crypto-stealers) increased by 68% from H1 to H2 2023, according to the latest ESET threat report. One of the most popular is Lumma Stealer, aka LummaC2 Stealer, which targets digital wallets, user credentials, and even two-factor authentication (2FA) browser extensions. It also exfiltrates information from compromised machines. Detections of this particular crypto stealer – provided as a service to cybercriminals – tripled between H1 and H2 2023.

Other crypto-stealing malware threats include:

Crypto drainers: a malware type designed to identify the value of assets in your wallet(s), use malicious smart contracts to quickly siphon off funds, and then use mixers or multiple transfers to track it hidden. One variant, MS Drainer, stole an estimated $59m over a nine-month period. wallet account addresses Crypto-stealing malware is often found hidden in fake apps. Recently, for example, ESET researchers found dozens of ClipBanker malware variants in trojanized WhatsApp and Telegram apps designed to lift crypto wallet addresses sent by users in their chat messages. Botnet malware such as Amadey, DanaBot and LaplasBanker may also contain functionality to steal crypto wallet information

2. Scams and social engineering

Sometimes the bad guys omit malware altogether, and/or combine it with carefully crafted attacks designed to capitalize on our gullibility. Watch out for the following common scams targeting cryptocurrency:

Phishing techniques are frequently used to trick victims into clicking on malicious links designed to steal crypto wallet information/funds. In the case of crypto drainers, the first point of contact is often ads on fake social media accounts that are faked to look like legitimate high-profile accounts. Users are then directed to a phishing site spoofed to look like a real token distribution platform, and then asked to link their wallets to the site. The victim will then be presented with a (malicious) transaction to sign, which will automatically drain their wallet of funds. Victims lost $47 million in February to this type of scam. Impersonating celebrities is a common trick for scammers. They will create a fraudulent social media account and impersonate popular figures such as Elon Musk to introduce fake crypto donations or publicize fake investment opportunities. These accounts will contain malicious links and/or request direct crypto deposits from victims. Romance scams netted scammers more than $652 million last year, according to the FBI. Fraudsters build a relationship with their victims on dating sites and then concoct a story and ask them for funds – possibly via hard-to-trace crypto. Investment scams are the most profitable cybercrime type of all, making the bad guys more than $4.5 billion in 2023, according to the FBI. Unsolicited emails or social media ads lure victims with the promise of huge returns on their crypto investments. They will usually link to a legitimate investment program or website. However, this is all fake, and your money will never be invested. Pig Slaughter is a combination of romance and investment fraud. Victims are lured into a false sense of security by scammers they meet on dating sites, who then try to persuade them to invest in fictitious crypto schemes. Some may even pretend the user is making money on their ‘investment’ – until they try to withdraw funds. Last year, the US Department of Justice seized more than $112 million from pork slaughter operators in one fell swoop. Pump and dump schemes work when scammers invest in a token/share and then heavily promote it to drive up the price, before selling it at a profit, leaving genuine investors with almost worthless assets. Market manipulators of this ilk may have made over $240 million last year by artificially inflating the value of Ethereum tokens.

3. Third party hacks

Do you think your crypto is safe in an exchange or other legitimate third-party organization? Think again. Cybercrime groups and even nation states are targeting such entities with increasing frequency and success. According to the UN, North Korean hackers have stolen at least $3 billion worth of crypto since 2017, including $750 million last year alone. A lack of regulatory oversight means it is difficult to hold crypto exchanges accountable in the event of a serious breach, while the decentralized nature of digital currency makes recovering funds challenging.

It’s not just exchanges that can be targeted. Credentials stolen from password manager firm LastPass in 2022 may have been used to steal as much as $35 million from security-conscious customers.

Crypto defense 101

Fortunately, best practice security rules still apply in the crypto world. Consider the following to keep your virtual assets under lock and key.

Only download apps from official app stores and never download pirated software Make sure your device is loaded with anti-malware software from a trusted vendor Use a password manager for long, unique passwords on all accounts Use 2FA for your wallet and device Be skeptical : don’t click on links in unsolicited attachments or on social media ads/posts – even if they appear to be from legitimate sources Store your crypto in a “cold wallet” (ie one not connected to the internet is not) like Trezor as this will insulate it from online threats Always do your research before making any crypto investments. Always keep devices and software updated Avoid logging into public Wi-Fi without a virtual private network (VPN) Never send strangers crypto – even if you’ve ‘met’ them online Before choosing an exchange, do ‘ a little research to check their security credentials Separate your crypto trading from your personal and work devices and accounts. This means using a dedicated email address for your wallet Don’t brag online about the size of your crypto wallet/portfolio

Clearly, cybercriminals have taken note of the widespread fascination with cryptocurrencies and their staggering rise in value. After all, they tend to gravitate towards opportunities where significant financial gains are involved. That’s why it’s crucial that you stay sharp and take other precautions to make sure your crypto stays out of the clutches of cybercriminals.