In the second quarter of 2024, private key leaks were identified as the primary cause of cryptocurrency theft, according to a report by MisTrack, the investigative branch of cybersecurity firm SlowMist.
The report underscored various incidents where users stored their private keys or mnemonic phrases on cloud storage services such as Google Docs, Tencent Docs, Baidu Cloud, and Shimo Docs. This common practice of keeping sensitive information on easily accessible platforms has made users vulnerable to theft.
Moreover, some users have shared their private keys or mnemonic phrases with trusted friends using tools like WeChat. Some also used WeChat’s image-to-text feature to copy mnemonic phrases into WPS spreadsheets, encrypted them, and then enabled cloud services while also storing them on local hard drives. While these actions might seem to enhance security, they often increase the risk of information theft.
SlowMist discovered that malicious actors frequently use “credential stuffing” techniques, where they attempt to access accounts using leaked login details found online. Once successful, these attackers can easily locate and extract cryptocurrency-related data.
Phishing Schemes: The Second Major Cause
Phishing schemes were the second most common cause of crypto theft. In several instances, victims were deceived by fraudsters posing as customer support representatives, tricking them into revealing their seed phrases. In other cases, users were misled by deceptive phishing links on platforms like Discord, inadvertently entering their private key details.
The report also highlighted that many theft incidents occurred when unsuspecting users clicked on malicious links posted as comments under tweets from well-known projects.
SlowMist’s security team found that nearly 80% of the first comments under tweets from prominent project accounts were from phishing scam accounts. They also uncovered Telegram groups selling Twitter accounts, many linked to the crypto industry or influencers with varied follower counts and histories.
It is worth noting that the second quarter also saw a rise in honeypot schemes, particularly on the Binance Smart Chain (BSC). These schemes involve digital currencies that appear promising to investors but are designed to be impossible to sell after purchase. Scammers create the illusion of widespread participation by circulating these tokens among numerous accounts and exchanges, leading to inflated trading figures.
The MisTrack report underscores the urgent necessity for increased vigilance and stronger security measures in the cryptocurrency realm. Given the persistent threats from private key leaks and phishing schemes, it is crucial for all users to remain constantly aware and cautious. No one is immune to these risks, and adopting robust security practices is essential to safeguarding digital assets.
Always stay informed and prepared, as anyone can become a target in the fast-growing landscape of cryptocurrency theft.