What you need to know about Bitcoin wallet hacking 2018
Can your Bitcoin wallet be hacked? The answer to that is without a doubt yes. However, you may be surprised to know that in a lot of cases hackers don’t need elaborate techniques to hack someone. Usually, Bitcoin wallets are hacked due to the carelessness of their owners. Here are 9 ways your Bitcoin wallet could be hacked.
1. Email Phishing
Phishing is a classic technique used to hack everything, and it does not involve that much effort from the hacker’s side. In case you’re not familiar with phishing, here’s how it works. Hackers send you an email that looks very much like one from a service you use. It could look completely legitimate/identical. The email could claim that your account has been compromised or that you need to review something by clicking the link in the email. You open the link and see a website asking you to log in. Seeing as the website has an identical design to the legitimate one, you log in without thinking, and now hackers have your account details. To prevent this from happening, first of all, check that the email is actually from the company it claims to be from. Second, check the URL of the website you are led to and make sure it matches the legitimate one.
2. Fake ads in search engines
This is a popular technique, with hackers placing advertisements for their fraudulent services high in search engines. You open your prefer search engine, search for cryptocurrency related things, click on one of those ads that appear at the top of the results and you’re on a fraudulent cryptocurrency website aiming to scam you.
3. The copy paste technique
This is a very sneaky technique and it involves hackers changing the wallet address when you copy it. Let’s say you want to transfer some Bitcoin to a certain address. You copy the address and then paste it in your wallet when transferring funds and hit OK. You may or may not notice that the address is different from the one you copied. There are special programs, such as CryptoShuffler, that change the wallet address you copied when you paste it into your own wallet. So essentially, you would be transferring hackers Bitcoin yourself.
4. Changing site URLs
By changing site URLs, hackers can redirect you to their own websites that are identical to the one you wanted to enter. When you start typing the URL of the Bitcoin wallet related website, it is sneakily changed into the hacker’s controlled one. The site may look identical to the one you intended to enter so you may not think twice about entering your account details.
5. Browser Extensions
With how popular cryptocurrencies are, there are plenty of browser extensions that supposedly enhance your trading experience. While some may do that, you need to be careful of fraudulent ones. They could be advertised as very useful, have plenty of fake positive reviews and thousands of downloads, but may actually record what you type. If you were to log into your wallet, the extension may record it and then malicious parties would have your account credentials.
6. Hacked smartphone apps
Smartphone apps, the same as browser extensions, could also compromise your accounts. Fraudulent apps are constantly created and made to seem as it they’re legitimate crypto exchange apps, users start trading with them only to soon realize that they’re merely transferring money to scammers. Just as you should be careful with regular apps you download and install onto your device, choose crypto trading apps very carefully. Always read reviews, check the reputation and look into the company behind it.
7. WiFi Hacking
WiFi may be hacked to show hackers the data that goes through the WiFi network. While you are safe when using your secured home WiFi, be careful about the pubic ones. You should not log into any sensitive accounts on public WiFi without a VPN because otherwise, you could be compromising them.
8. SMS 2FA
Two-factor-authentication is a common method to secure accounts as users can only log in if they put in the code that is sent to their phones via SMS. However, malicious parties have found a way to intercept SMS two-factor-authentication, allowing them access to the “secured” accounts.
9. Slack Hacking Bots
This hacking technique involves hackers sending you false security warnings related to your wallet account with links provided in the messages. You press on the link, get redirected to fraudulent websites, put in your account details, and suddenly, the hackers have access to your account.
10. ICO Hacking
With various ICOs managing to get millions of dollars in funding, it’s not surprising that malicious parties also want in on it. However, instead of creating worthwhile projects that would get them the funding, they resort to stealing from others. And here are ways ICO can fall victim to a hack.
11. Changing the wallet address
In a rather simple hack, a hacker was able to steal $7.4 million worth of cryptocurrency from the CoinDash ICO. Back in summer 2017, CoinDash were hosting an ICO in order to raise funds only to have their website compromised during the event. For the ICO, CoinDash had posted its wallet address in order to receive the funds, but the hacker managed to change the address into one in his/her control. The hack was noticed within several minutes but it was enough time for the hacker to steal $7.4 million worth of cryptocurrency.
12. Coding bugs in smart contracts
A smart contract coding company Parity reported back in July 2017 that their wallet software had a vulnerability that was a result of a bug in a multi-signature contract wallet.sol. By the time the report was issued however, $30 million worth of ethers had been stolen.
13. Fake token pre-sales
In a rather elaborate hack, hackers launched a token pre-sale for the Enigma blockchain project and managed to steal $500,000. The malicious parties took over the project’s website, mailing list and an administrator account, and sent emails on behalf of the actual team behind the project to potential investors. People, thinking it was an actual pre-sale started transferring funds, with half a million dollars landing in the hands of the hackers.
14. System Hacks
A dollar-pegged cryptocurrency company Tether reported that their systems have been hacked, which resulted in a token theft, which were worth $30 million.
Operators of a website mybtgwallet.com managed to scam unsuspecting users and take off with $3.3 million. In order to carry out the scam, the scammers urged users to submit private keys/recovery seeds to generate Bitcoin gold wallets. The funds in those wallets were later stolen by the site operators.
16. In-house PC hacking
NiceHash, a well-known marketplace for mining power, became a victim of a hack that results in around 4700 Bitcoin stolen (then worth $78 million). It was later discovered that an employees computer was compromised, which allowed hackers to gain access to the systems and steal the Bitcoin.
On a different note, you should also beware of a couple of more things when it comes to cryptocurrencies.
17. Bitcoin Miner Trojan
You probably have already heard of this, but a prominent threat to computer users is a miner trojan. It’s a kind of malware that installs onto your computer without you noticing and starts using your computer’s resources to mine for cryptocurrency. While it does not do any long-lasting damage to your computer, it will disrupt your regular computer use while it’s running. Your computer will slow down, programs will lag and you will experience other issues. If you notice that your computer is behaving strangely, check your Task Manager for unusual processes using a lot of your computer’s CPU. If you discover a miner, delete it immediately.
18. Bitcoin Mining Pool and Exchange hacking
If one manages to successfully target ISPs and compromise Border Gateway Protocol (BGP), he/she could be able to hack a mining pool and take advantage of the processing power compilid there. If the service is compromised, the hacker could redirect traffic from the hacked mining pool to their own.