CommunitySubmission-Author:WhoTookMyCrypto.com
2017wasaremarkableyearforthecryptocurrencyindustryastheirrapidincreaseinvaluationspropelledthemintomainstreammedia.Unsurprisingly,thisgarneredthemimmenseinterestfromboththegeneralpublicaswellascybercriminals.Therelativeanonymityofferedbycryptocurrencieshasmadethemafavouriteamongstcriminalswhooftenusethemtobypasstraditionalbankingsystemsandavoidfinancialsurveillancefromregulators.
Giventhatpeoplearespendingmoretimeontheirsmartphonesthandesktops,itisthusnotsurprisingthatcybercriminalshavealsoturnedtheirattentiontothem.Thefollowingdiscussionhighlightshowscammershavebeentargetingcryptocurrencyusersthroughtheirmobiledevices,alongwithafewstepsthatuserscantaketoprotectthemselves.
Fakecryptocurrencyapps
Fakecryptocurrencyexchangeapps
Themostwell-knownexampleofafakecryptocurrencyexchangeappisprobablytheoneofPoloniex.PriortothelaunchoftheirofficialmobiletradingappinJuly2018,GooglePlaywasalreadylistingseveralfakePoloniexexchangeapps,whichwereintentionallydesignedtobefunctional.ManyusersthatdownloadedthosefraudulentappshadtheirPoloniexlogincredentialscompromised,andtheircryptocurrencieswerestolen.SomeappsevenwentastepfurtherrequestingthelogincredentialsofusersGmailaccounts.Itisimportanttohighlightthatonlyaccountswithouttwo-factorauthentication(2FA)werecompromised.
“蔡文勝朋友”地址昨晚從Compound贖回1.8萬枚ETH并向幣安轉入8000枚:1月10日消息,加密推特KOL@Bit余燼發推表示,“蔡文勝朋友”相關地址昨晚從Compound贖回1.8萬枚ETH,就在剛剛將其中8000枚ETH轉入幣安。[2023/1/10 11:03:39]
Thefollowingstepscanhelpprotectyouagainstsuchscams.
Checktheexchange’sofficialwebsitetoverifyiftheyindeedofferamobiletradingapp.Ifso,usethelinkprovidedontheirwebsite.Readthereviewsandratings.Fraudulentappsoftenhavemanybadreviewswithpeoplecomplainingaboutgettingscammed,somakesuretocheckthembeforeyoudownload.However,youshouldalsobescepticalofappsthatpresentperfectratingsandcomments.Anylegitimateapphasitsfairshareofnegativereviews.Checktheappdeveloperinformation.Lookforwhetheralegitimatecompany,emailaddress,andwebsiteareprovided.Youshouldalsoperformanonlinesearchontheinformationprovidedtoseeiftheyarereallyrelatedtotheofficialexchange.Checkthenumberofdownloads.Thedownloadcountshouldalsobeconsidered.Itisunlikelythatahighlypopularcryptocurrencyexchangewouldhaveasmallnumberofdownloads.Activate2FAonyouraccounts.Althoughnot100%secure,2FAismuchhardertobypassandcanmakeahugedifferenceinprotectingyourfunds,evenifyourlogincredentialsarephished.Fakecryptocurrencywalletapps
數據:FTX US從Compound贖回2055枚WBTC并轉至幣安關聯地址:11月8日消息,據PeckShield監測顯示,標記為FTX US的地址已從Compound贖回了約2055枚WBTC(約4000萬美元)并轉移到幣安關聯地址,該地址在過去1小時內從幣安接受約1430萬枚BUSD。[2022/11/8 12:32:07]
Therearemanydifferenttypesoffakeapps.Onevariationseekstoobtainpersonalinformationfromuserssuchastheirwalletpasswordsandprivatekeys.
Insomecases,fakeappsprovidepreviouslygeneratedpublicaddressestousers.Sotheyassumefundsaretobedepositedintotheseaddresses.However,theydonotgainaccesstotheprivatekeysandthusdonothaveaccesstoanyfundsthataresenttothem.
SuchfakewalletshavebeencreatedforpopularcryptocurrenciessuchasEthereumandNeoand,unfortunately,manyuserslosttheirfunds.Herearesomepreventivestepsthatcanbetakentoavoidbecomingavictim:
Theprecautionshighlightedintheexchangeappsegmentaboveareequallyapplicable.However,anadditionalprecautionyoucantakewhendealingwithwalletappsistomakesurebrandnewaddressesaregeneratedwhenyoufirstopentheapp,andthatyouareinpossessionoftheprivatekeys(ormnemonicseeds).Alegitimatewalletappallowsyoutoexporttheprivatekeys,butitisalsoimportanttoensurethegenerationofnewkeypairsisnotcompromised.Soyoushoulduseareputablesoftware(preferablyopensource).Eveniftheappprovidesyouaprivatekey(orseed),youshouldverifywhetherthepublicaddressescanbederivedandaccessedfromthem.Forexample,someBitcoinwalletsallowuserstoimporttheirprivatekeysorseedstovisualizetheaddressesandaccessthefunds.Tominimizetherisksofkeysandseedsbeingcompromised,youmayperformthisonanair-gappedcomputer(disconnectedfromtheinternet).Cryptojackingapps
DeFi平臺Furucombo代理遭攻擊 建議用戶取消對該合約的代幣批準:剛剛,DeFi聚合平臺Furucombo官方發布推文稱:“北京時間2月28日00:47,Furucombo代理被攻擊者入侵。我們已經取消了相關組件的授權,并相信漏洞將被修補,但我們建議用戶出于充分的謹慎取消批準。我們正在努力進行下一步工作,并將盡快更新我們的社區。請盡快從https://approved上取消你對我們合約的代幣批準。智能合約:0x17e8Ca1b4798B97602895f63206afCd1Fc90Ca5f。”[2021/2/28 17:59:31]
Cryptojackinghasbeenahotfavoriteamongstcybercriminalsduetothelowbarrierstoentryandlowoverheadsrequired.Furthermore,itoffersthemthepotentialforlong-termrecurringincome.DespitetheirlowerprocessingpowerwhencomparedtoPCs,mobiledevicesareincreasinglybecomingatargetofcryptojacking.
Apartfromweb-browsercryptojacking,cybercriminalsarealsodevelopingprogramsthatappeartobelegitimategaming,utilityoreducationalapps.However,manyoftheseappsaredesignedtosecretlyruncrypto-miningscriptsinthebackground.
Therearealsocryptojackingappsthatareadvertisedaslegitimatethird-partyminers,buttherewardsaredeliveredtotheappdeveloperinsteadoftheusers.
Tomakethingsworse,cybercriminalshavebecomeincreasinglysophisticated,deployinglightweightminingalgorithmstoavoiddetection.
Cryptojackingisincrediblyharmfultoyourmobiledevicesastheydegradeperformanceandaccelerateswearandtear.Evenworse,theycouldpotentiallyactasTrojanhorsesformorenefariousmalware.
ZG.COM于2月4日10:00上線NFT-Hero代幣SH并開啟卡牌搶購活動:近日,ZG.COM與火幣生態鏈明星項目NFT-hero達成合作,ZG.COM于2月4日10:00開啟SH和XMQCARD充提,于2月4日17:00上線SH/USDT交易對。
同時,為了方便用戶參與,ZG.COM將于2月4日至2月6日每天12:00開啟搶購西門慶卡牌XMQCARD活動,用戶可使用USDT或SH參與搶購,每天限量出售300張卡牌,每張卡牌對應一個XMQCARD代幣,先到先得。活動期間,交易SH還可贏取額外西門慶卡牌。
據悉, NFT-Hero是火幣生態鏈Heco上首款NFT收集挖礦GameFi項目,通過質押Heco鏈上資產可以獲得NFT卡牌,同時收集NFT卡牌可以挖礦獲得項目治理通證SH。[2021/2/4 18:51:25]
Thefollowingstepscanbetakentoguardagainstthem.
Onlydownloadappsfromofficialstores,suchasGooglePlay.Piratedappsarenotpre-scannedandaremorelikelytocontaincryptojackingscripts.Monitoryourphoneforexcessivebatterydrainingoroverheating.Oncedetected,terminateappsthatarecausingthis.Keepyourdeviceandappsupdatedsothatsecurityvulnerabilitiesgetpatched.Useawebbrowserthatguardsagainstcryptojackingorinstallreputablebrowserplug-ins,suchasMinerBlock,NoCoin,andAdblock.Ifpossible,installmobileantivirussoftwareandkeepitupdated.Freegiveawayandfakecrypto-minerapps
Theseareappsthatpretendtominecryptocurrenciesfortheirusersbutdon’tactuallydoanythingapartfromdisplayingads.Theyincentivizeuserstokeeptheappsopenbyreflectinganincreaseintheuser’srewardsovertime.Someappsevenincentivizeuserstoleave5-starratingsinordertogetrewards.Ofcourse,noneoftheseappswereactuallymining,andtheirusersneverreceivedanyrewards.
Finance.vote通過私募融資96萬美元 Bitcoin.com等參投:旨在加強加密網絡管理的去中心化系統Finance.vote宣布,通過私募獲得96萬美元資金,投資者包括Ascensive Asset Management、A195 Capital、Origin Capital、BTC12和Bitcoin.com。這輪超額認購是在該公司獲得42萬美元種子輪融資之后進行的。
據悉,Finance.vote正在為DeFi開發一個共識層,作為下一代投票技術和加密經濟游戲。其方案包括三個重要因素:首先,Finance.vote投票市場將獎勵用戶對某些代幣表現的研究。如果他們是正確的,他們會得到獎勵。其次是第二層治理系統,將充當miniDAO,允許用戶建立影響力。最后是一個無需信任的社交交易系統,將為用戶提供與其他用戶一起管理資金的機會。(Globenewswire)[2020/9/22]
Toguardagainstthisscam,understandthatforthemajorityofcryptocurrencies,miningrequireshighlyspecializedhardware(ASICs),meaningitisnotfeasibletomineonamobiledevice.Whateveramountsyouminewouldbetrivialatbest.Stayawayfromanysuchapps.
ClipperappsSuchappsalterthecryptocurrencyaddressesyoucopyandreplacethemwiththoseoftheattacker.Thus,whileavictimmaycopythecorrectrecipientaddress,theonetheypastetoprocessthetransactionisreplacedbythoseoftheattacker.
Toavoidfallingvictimtosuchapps,herearesomeprecautionsyoucantakewhenprocessingtransactions.
Alwaysdoubleandtriplechecktheaddressyouarepastingintotherecipientfield.Blockchaintransactionsareirreversiblesoyoushouldalwaysbecareful.Itisbesttoverifytheentireaddressinsteadofjustportionsofit.Someappsareintelligentenoughtopasteaddressesthatlooksimilartoyourintendedaddress.SIMswappingInaSIMswappingscam,acybercriminalgainsaccesstothephonenumberofauser.TheydothisbyemployingsocialengineeringtechniquestotrickmobilephoneoperatorsintoissuinganewSIMcardtothem.Themostwell-knownSIMswappingscaminvolvedcryptocurrencyentrepreneurMichaelTerpin.HeallegedthatAT&Twasnegligentintheirhandlingofhismobilephonecredentialsresultinginhimlosingtokensvaluedatmorethan20millionUSdollars.
Oncecybercriminalshavegainedaccesstoyourphonenumber,theycanuseittobypassany2FAthatreliesonthat.Fromthere,theycanworktheirwayintoyourcryptocurrencywalletsandexchanges.
AnothermethodcybercriminalscanemployistomonitoryourSMScommunications.Flawsincommunicationsnetworkscanallowcriminalstointerceptyourmessageswhichcanincludethesecond-factorpinmessagedtoyou.
Whatmakesthisattackparticularlyconcerningisthatusersarenotrequiredtoundertakeanyaction,suchasdownloadingafakesoftwareorclickingamaliciouslink.
Topreventfallingpreytosuchscams,herearesomestepstoconsider.
DonotuseyourmobilephonenumberforSMS2FA.Instead,useappslikeGoogleAuthenticatororAuthytosecureyouraccounts.Cybercriminalsareunabletogainaccesstotheseappseveniftheypossessyourphonenumber.Alternatively,youmayusehardware2FAsuchasYubiKeyorGoogle'sTitanSecurityKey.Donotrevealpersonalidentifyinginformationonsocialmedia,suchasyourmobilephonenumber.Cybercriminalscanpickupsuchinformationandusethemtoimpersonateyouelsewhere.Youshouldneverannounceonsocialmediathatyouowncryptocurrenciesasthiswouldmakeyouatarget.Orifyouareinapositionwhereeveryonealreadyknowsyouownthem,thenavoiddisclosingpersonalinformationincludingtheexchangesorwalletsyouuse.Makearrangementswithyourmobilephoneproviderstoprotectyouraccount.Thiscouldmeanattachingapinorpasswordtoyouraccountanddictatingthatonlyuserswithknowledgeofthepincanmakechangestotheaccount.Alternatively,youcanrequiresuchchangestobemadeinpersonanddisallowthemoverthephone.WiFiCybercriminalsareconstantlyseekingentrypointsintomobiledevices,especiallytheonesofcryptocurrencyusers.OnesuchentrypointisthatofWiFiaccess.PublicWiFiisinsecureandusersshouldtakeprecautionsbeforeconnectingtothem.Ifnot,theyriskcybercriminalsgainingaccesstothedataontheirmobiledevices.TheseprecautionshavebeencoveredinthearticleonpublicWiFi.
ClosingthoughtsMobilephoneshavebecomeanessentialpartofourlives.Infact,theyaresointertwinedwithyourdigitalidentitythattheycanbecomeyourgreatestvulnerability.Cybercriminalsareawareofthisandwillcontinuetofindwaystoexploitthis.Securingyourmobiledevicesisnolongeroptional.Ithasbecomeanecessity.Staysafe.
Tags:THEINGAPPYOUethereum代幣瀏覽器下載TKINGbigone韓國rapperHoryouToken
據福布斯消息,比特幣、ETH以及DeFi代幣價格最近上漲,被歸因于新的政府刺激措施,以及散戶投資者在比特幣2017年牛市和隨后的崩盤三年后重返這個領域.
1900/1/1 0:00:00狂人本著負責,專注,誠懇的態度用心寫每一篇分析文章,特點鮮明,不做作,不浮夸!本內容中的信息及數據來源于公開可獲得資料,力求準確可靠,但對信息的準確性及完整性不做任何保證,本內容不構成投資建議.
1900/1/1 0:00:00尊敬的用戶:根據《Hotbit關于交易中心分區轉區細則》,Hotbit定于2021年01月18日起將IPM(TIMERS)、SMART(SMARTWAYFINANCEPTELTD)和RICH(R.
1900/1/1 0:00:00大家好!QDeFiRating和NOAH的ARK是一個信息平臺,您可以在其中找到相關的新代幣,在該信息平臺上,您可以收到有關新的加密貨幣和DeFi項目的消息.
1900/1/1 0:00:00原標題:《"浮盈最多時候是我60年工資!"幣圈是天堂還是地獄?12年133萬倍收益,財富究竟給了誰?看5位炒幣人自白》 來源:券商中國 作者:王君暉 幣圈一日,人間一年.
1900/1/1 0:00:00區塊鏈行業持續成熟,到2020年,比特幣的興起推動了區塊鏈行業的發展。 HOME 去年,這種加密貨幣的價格開始上漲,吸引了投資者重返該領域.
1900/1/1 0:00:00