Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Crypto ICOs Lose 10% of Funds to Hackers
#1
Phil Muncaster UK / EMEA News Reporter , Infosecurity Magazine

Quote:Almost $400m has been stolen from initial coin offerings (ICOs) in the past, with phishing the most commonly used technique for cyber-attackers, according to Ernst & Young.

The global consultancy’s latest research highlighted major risks in the capital raising process for new crypto-currency organizations.

Some 10% of all ICO funds are lost to hackers, who are “attracted by the rush, absence of a centralized authority and blockchain transaction irreversibility,” the report claimed.

Phishing nets attackers up to $1.5m per month either by tricking the recipient into making a fund transfer or handing over the private keys to their digital wallets.

“Criminals use DDoS attacks to disable the original site and publish phishing site addresses on web forums and social media that promote ICOs,” the report continued. “Investors, driven by FOMO, do not check the site, and transfer funds to the criminal’s address. The likelihood of crypto funds being returned is close to zero.”

Hackers also target the exchanges themselves: in fact, $2bn has already been lost globally via this route and the frequency of attacks is increasing, according to Ernst & Young.

“Most exchanges do not disclose policies and controls over personal data storage and use. This represents great value on the black market and chances of its misuse are high even without a breach,” the report claimed.

Arseny Reutov, blockchain security expert at Positive.com, explained that ICOs could do several things to protect themselves, starting with ensuring that the underlying code of smart contracts is purged of any vulnerabilities.

“Secondly, organizations must ensure that the web applications their ICO use are being monitored and protected in real time – all the security of the blockchain means nothing if a hacker can misdirect funds from the web page,” he added.

"Finally, there is the human factor. A major risk here is that open source intelligence will be used to target members of the team – our own research suggests that every ICO has a team member whose password can be found online. ICOs must do everything within their power to stop investors being tricked by phishing attacks.” 

the full article is here:https://www.infosecurity-magazine.com/ne...-funds-to/
Reply
#2
Please add source to your topics other wise it will be deleted
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Hackers Steal More Than $97M from Liquid Crypto Exchange mrtrout 0 530 08-23-2021 , 10:22 PM
Last Post: mrtrout
  Avira Crypto Terms of Service mrtrout 0 611 07-14-2021 , 08:20 AM
Last Post: mrtrout
  Google funds Linux maintainers to boost Linux kernel security Bjyda 0 847 02-24-2021 , 11:39 PM
Last Post: Bjyda
  US Moves to Forfeit 280 Crypto Accounts mrtrout 0 1,312 08-29-2020 , 02:41 AM
Last Post: mrtrout
  Blackbaud Hack: Universities lose data to ransomware attack mrtrout 0 1,203 07-24-2020 , 02:13 AM
Last Post: mrtrout

Forum Jump:


Users browsing this thread: 2 Guest(s)