The internet security company SlowMist has studied both common and rare hacking techniques, based on the help requests from victims that its MistTrack investigation department received in the second quarter of 2024. After analyzing the 467 theft report forms it received, SlowMist found that private key leakage, phishing, and fraud were the three most common reasons for cryptocurrency theft in the last quarter.
According to the report released by SlowMist on Tuesday, the main reasons for private key leakage among victims include storing private keys or mnemonics in cloud storage services such as Google Docs. The report also warns that sending sensitive information such as mnemonics through communication apps like WeChat poses risks, despite security measures such as end-to-end encryption adopted by these platforms.
SlowMist also pointed out that attackers use other scam methods to lure wallet users into revealing their mnemonics, such as impersonating customer service personnel and sending phishing links through platforms like Discord. SlowMist reminded users that private keys or mnemonics should never be disclosed to anyone under any circumstances.
In addition, downloading fake wallet apps that pose as popular cryptocurrency wallet apps was identified as one of the main reasons for private key leakage. SlowMist stated that it had found a non-existent version of the imToken wallet on the third-party app store APKCombo, which was the most common fake imToken wallet version on the market. There was even a rare case in which users had their private keys or mnemonics stolen after downloading a fake Twitter app.
According to a report by “crypto.news,” these fake apps do not appear only in third-party app stores. Last week, a fake Phantom wallet bypassed Apple’s App Store security measures and stole crypto assets from anyone who imported their private keys into the app. The fake app has since been removed from the App Store.
SlowMist also pointed out that other causes of theft from cryptocurrency users include phishing links and scams on social media platforms. The report suggested that users take preventive measures such as improving their security awareness and using software and hardware tools to protect their assets and information, for example the phishing-risk blocking plugin Scam Sniffer.
In terms of fraud, SlowMist identified the most common method as the “Pi Xiu scam,” which occurred mostly on the BNB Smart Chain (BSC). Scammers typically lure victims into buying Pi Xiu coins, which can only be bought and not sold, and manipulate the price to create the illusion of rapid appreciation so that victims increase their investment.
The SlowMist team recommended that users check and confirm tokens before trading. This includes using security testing tools like MistTrack or GoPlus to check the risk status of token-related addresses, verifying whether the smart contract code has been audited and verified on the blockchain explorer, reading relevant comments, reviewing the background of the project, and raising their own awareness of how to protect themselves.
Source: SlowMist, crypto.news