4 tips to protect your crypto from hackers in this bull market
Crypto users and projects need to keep their heads on the swivel heading into the next bull market, keeping an eye on trustless exchanges, decentralized finance (DeFi) protocols, and ever-evolving phishing scams.
In January, hackers carried out 30 attacks and spent more than $182.5 million in stolen funds, a 771 percent year-over-year increase from January 2023 and a nearly 84 percent increase since December, according to PeckShield data.
February also set a record month with more than $380 million stolen from hackers – more than double January. At least $290 million was stolen from PlayDip alone, along with $26 million from FixedFloat and $9.7 million from Axi Infinity co-founder Jeff Zirlin.
#PeckShieldAlert Hackers stole ~$360.83m over 21 attacks in February 2024, a 97.6% increase compared to January 2024. Additionally, ~1.8% of the stolen funds were recovered, totaling ~$6.7 million pic.twitter.com/ MCykceNun5
— PeckShieldAlert (@PeckShieldAlert) March 1, 2024
“Education is the first line of defense to keep crypto safe,” Eric Jardine, head of cybercrime research, told Cointelegraph. “Consumer awareness is always important.”
Jardine says crypto protocols typically have a wide transparency due to their open source development. Great for users who want to audit their code, but “opens up opportunities for bad actors who can analyze scripts for vulnerabilities and plan exploits in advance.”
“Do your research on platforms and DeFi protocols before engaging with them,” Jardine said. “Understand their security behaviors and strategies and look for improvements across the platform on how they're improving these.”
Check, then check again
In the year By 2023, more than 324,000 crypto users will be hit by phishing scams, losing around $295 million, according to a Scam Sniffer analysis.
The anti-scam platform told Cointelegraph that “social media has a lot of scam links,” and malicious websites on these platforms are often linked to advertisements.
Beosin security researcher Pan Tao warned that phishing attacks on X, pretending to be Ethereum staking and token airdrops, “have become more frequent and effective recently.”
In the year
The attacker allegedly directed users to a fake website (microsfrategy.com).
Scam Sniffer says users should always verify a website's URL from multiple sources and understand what it does before signing a contract.
Meanwhile, Tao warned that phishing devices – such as those used in fake airdrops – have become a “mature and convenient phishing tool”, and attackers will introduce scams on Google and X.
Having a safe CEX
According to Beosin's Tao, many new crypto users buy their first digital asset through a centralized exchange (CEX) owned and operated by a single entity.
At the same time, there were “several CEX frauds”, including the theft of customer funds by FTX and the alleged fraud against users by JPEX.
Tao pointed out that the criteria for choosing a secure, centralized exchange should start by making sure it's licensed “or at least publish a backup certificate regularly.”
It should also have “no withdrawal issues or high withdrawal fees” with “timely customer support and clear responses.”
Protect those private keys
DeFi protocols must ensure that security efforts cover vulnerabilities on and off the blockchain, Jardine said.
On-chain vulnerabilities — such as smart contracts — “will account for the majority of DeFi hacking activity in 2023,” Jardine said. “This changed during the year with hacked private keys driving a larger share of hacks in the second half of the year,” he added.
Related: ZK-proofs introduce security challenges for developers
“A key takeaway for DeFi protocols is that security efforts need to cover not only on-chain vulnerabilities and smart contracts, but especially on the rise of off-chain vulnerabilities.”
Projects can create systems to monitor activities on the chain for potential vulnerabilities, Jardine suggests.
He noted that some companies offer third-party integration to protect and “products that can enable and respond to cyberattacks to help communicate with customers who may be at risk.”
According to Jardine, Chainalysis has seen improved DeFi protocol security practices and losses from protocol hacking have fallen by about 64% year-over-year to $1.1 billion by 2023.
Magazine: How to protect your crypto in a volatile market — Bitcoin OGs and experts weigh in.