The Common Tactics Used to Hack a Cryptocurrency Exchange

A lot of amateur cryptocurrency traders and retail investors are starting to lose interest in this booming industry because of the lengthy and painful decline on the market of digital currencies.

Few of those who purchased Bitcoin for $20,000 believe they can sell their funds at the same rate, not to mention any chance of profit. That’s because brokers still cannot break the back of traders and move down to the critical psychological threshold of $5,000.

In spite of that, the cryptocurrency business continues to evolve and scale. This primarily applies to specialized trading platforms. While the failed investors are feeling helpless, new players are entering the game, including Goldman Sachs and Intercontinental Exchange (ICE), the parent company of the New York Stock Exchange (NYSE).

Goldman Sachs is planning to allow its customers to trade Bitcoin futures, whereas ICE will offer swap contracts to banks so that clients can get their cryptocurrency the day following the purchase transaction.

While some low-skilled investors are abandoning the business, the big names are just starting to break new ground that has a huge potential. With that said, it’s quite likely that cybercriminals will target this industry more heavily.

Security analysts single out several main techniques used by threat actors to hack cryptocurrency trading platforms. The list below reflects the common attack vectors and highlights the countermeasures that every user of these platforms should follow.

Phishing emails

Imagine the following scenario: security systems of the cryptocurrency exchange you are using have purportedly detected suspicious activity in your account. In response to this, the service has sent a notification to the email address you indicated in your profile. The message contains a hyperlink and a recommendation to change your password immediately in order to prevent your funds from being stolen.

Despite the whole simplicity of this scheme, many newbies have actually got on the hook and continue to fall for it. If you follow that link, there will typically be several fields to fill out: your old password, new password, and confirmation of the new password. This way, while trying to maintain control of their funds, lots of traders unknowingly hand them over to crooks.

There are several simple rules that will keep you safe:

• Do not open emails from unknown sources.
• Do not send your personal information to third parties.
• Scrutinize the sender’s email address: messages from major exchanges are usually sent from official domains.

Phishing sites

All cryptocurrency traders are, obviously, literate people. However, when it comes to typing the name of an exchange in the address bar correctly, or visiting its website via a hyperlink, many of them overlook misspellings and a missing security verification icon in the browser.

As soon as such hapless traders enter their username and password, the malefactors obtain virtually all the credentials they need to access the account. The only way to avoid this fraud is to pay close attention to detail, because phishing-related copycats of popular trading platforms are unlikely to vanish in the near future.

• Bookmark your main trading website and visit it only by clicking this bookmark.
• Always use the best VPNs that encrypt your traffic.

Email hacking

The email linked to one’s account at a cryptocurrency exchange tends to be targeted by hackers just as heavily as the account itself. Having taken control of your email, a perpetrator can send a password recovery request, set a new temporary password and easily transfer the funds to their own wallets. Two-factor authentication (2FA) is the most effective protection mechanism in this case that prevents third parties from accessing your account.

TeamViewer as an entry point

Unfortunately, even two-factor authentication doesn’t ensure ultimate security if Google Authenticator is embedded in a web browser on a PC. With the TeamViewer tool installed, chances are that the attacker will get access to TOTP authentication codes in real time and leverage them to hack into your profiles at the exchange.

2FA is effective as long as the application is installed on another device such as a smartphone. This reduces the risk of being hacked considerably.

A lot of cryptocurrency exchange users neglect the fundamental security practices because they are sure they will never get in trouble like the customers of Mt. Gox and Coincheck did. However, even the most sophisticated trading platforms have a number of covert vulnerabilities that threat actors can potentially exploit to hack the system.

Some people might find the enabling of two-factor authentication redundant, but you should keep in mind at all times that the black hats can outwit even the most successful traders. So, it’s imperative to follow a few basic and simple guidelines that will significantly reduce the risk of losing assets in the aftermath of hacker attacks and scams.

The author, David Balaban, is a computer security researcher with over 15 years of experience in malware analysis and antivirus software evaluation.