$10M ethereum blockchain stolen in social engineering scheme

Avatar By Le Williams | 1 year ago

Kaspersky Lab’s security experts have uncovered the methods in which cybercriminals were able to hijack more than 21,000 in Ethereum (ETH) (worth around $10 million) through social engineering attacks over the past year.

According to a Cointelegraph Deutsch report on July 12, cybercriminals have triggered more than a hundred thousand alarms on security software in connection with cryptocurrencies since the beginning of 2018.

Kaspersky Lab highlights how scammers particularly single out investors interested in Initial Coin Offerings (ICO), using fake websites and phishing emails containing an e-wallet number to trick their targets out of money.

The report mentions the Switcheo ICO as an example, stating that criminals stole more than $25,000 worth of crypto by posting a fake offer on a Twitter account claiming to be associated with the ICO.

Another social engineering scam includes the fake “cryptocurrency giveaway,” where victims are promised a higher payout of the same cryptocurrency later in return for a small sum of cryptocurrency now. The report describes the popularity of using fake social media accounts purporting to be well-known personalities, such as business magnate Elon Musk and Telegram founder Pavel Durov, for this scam.

“The success criminals have enjoyed suggests that they know how to exploit the human factor, which has always been one of the weakest links in cybersecurity, to capitalize on user behaviors”, Demidova states.

Kaspersky Lab, which traditionally focuses on protection against malware such as viruses, Trojans, and ransomware, has already been keeping an eye on criminal behaviors involving cryptocurrencies.

The company warned cryptocurrency owners in November 2017 against a trojan that replaces the wallet address on a user’s clipboard in order to redirect cryptocurrency transactions to scammers.