How Do Hackers Steal Cryptocurrency?

While you are busy try to take a position in a cryptocurrency and possibly watch it increase in price, there’s someone out there whose primary aim is to steal your funds and the funds of other crypto users. The bigger the catch, the better.

Hackers will always be part of the crypto ecosystem. And if they can hijack large sites Mt. Gox and CoinCheck, then you have to be worried. Put differently, you may need to put some other security measures in place to stay safe. This article is going to explore some of the tools hackers use to gain access to your device and possibly steal your funds.

It may surprise you to know that over 2 million Bitcoin wallets are under threat of being hacked. According to a report by Bleeping Computer, hackers are making use of a malware known as clipboard hijackers. For most of us, we can’t be bothered about typing a wallet address and ensuring it is correct (that’s cumbersome and prone to a lot of error). What we settle for is “copy and paste”. A clipboard hijacker can potentially replace your copied wallet address with that of the hacker. Thus, preying on human inattention. To stay safe, always double check the address you are sending funds to. Here are some other ways, hackers may get to steal your funds.

App Store & Google Play Application

We all want convenience, but then, it can become quite costly. It’s definitely easier to wake up in the middle of the night to check how the market is doing and making a few trade calls, than having to turn on your laptop. There is also a high possibility that your mobile device is everywhere you go when compared to a bulky laptop. For this reason, most traders prefer installing mobile apps over trading on desktops.

Sadly, most victims of hacking are users of smartphones which do not have two-factor authentication (2FA) enabled. All a hacker needs to access your account is a username and password. By subtly adding compromised applications which contain certain resources linked to cryptocurrency, hackers can get some sensitive data linked to your accounts. For example, new crypto users may fall for an app named “Free Litecoin on Poloniex” or “Free Trading Bot for Binance”.

Some traders on Poloniex were victims of this method a while back. There was a mobile version of the Poloniex website on Google Play. The Poloniex team did not develop the app and it was a malware. Before it was removed from Google Play, an estimated 5500 traders had already been affected, according to Lukas Stefanko, a malware analyst at ESET.

So, to keep yourself safe, don’t get carried away by installing mobile versions of your favorite wallet or exchange. And if you have to, ensure you are downloading from an official source. Also, it wouldn’t cost you anything to have 2FA enabled on your mobile device.

In summary, there are a host of channels hackers pass through, from crypto add-ons to authentication by SMS, public Wi-Fi, clone sites, and phishing emails.