Cyber Security training from QA

Most common ways for thieves to steal your cryptocurrency

QA Cyber Security Trainer, James Aguilan, looks at how cybercriminals can steal your coins.


James Aguilan | 19 July 2018

It's easy to forget the necessary steps needed to protect your investment while placing all your time and attention on studying what digital assets to invest in. Security should be one of your primary concerns, if you're into cryptocurrency trading. The popularity of cryptocurrency has led to a new breed of cybercriminals. Back in 2016, when crypto wasn't as popular as today, $95 million worth of Bitcoin was lost by thieves. In 2017, the cryptocurrency market lost about $215 million worth of digital coins. The following are the most common ways how thieves can steal your coins:

Mining malware – This involves hacking your computer, so it does all the mining without you realizing it. WinstarNssmMiner by 360 Total Security researchers, has been used in half a million attempted attacks leveraged at PCs in only three days.

Password attack – This tactic has existed since time immemorial. The attacker can try guess your password endlessly or use a dictionary list through social engineering until they accesses your account or wallet. Hackers have siphoned about $103,000 out of Bitcoin accounts that were protected with an alternative security measure, according to research that tracked six years' worth of transactions. Account-holders used easy-to-remember passwords to protect their accounts instead of the long cryptographic keys normally required.

Phishing – Be careful of the things you open in your email inbox and install on your computer. Phishing scams install malware that looks for your digital wallet and steals your cryptocurrency and other private information. A cybercrime gang based in Ukraine is estimated to have made as much as $50 million after tricking Bitcoin investors into handing over the login credentials for their online wallets.

Phone porting – Are you using your phone for verification purposes each time you log in? Hackers know this, so they try transferring the messages to their phone and then change your account password. Cody Brown, a virtual reality developer, blogged about how he lost around $8,000 worth of cryptocurrencies on Coinbase in 15 minutes, triggered by a phone porting attack on his phone account. A cellphone number is not the only point of weakness. Adam Dachis, a former writer for Lifehacker, says his Coinbase account was ransacked in May by hackers who took control of his home computer, costing him $10,000 worth of cryptocurrencies.

Ponzi schemes – You only must read the story of BitConnect to understand what this scheme is about. Basically, investors shell out money to join the scheme with the promise of getting huge returns, but these gains only come from the money put in by new investors.

 

Visit cyber.qa.com for more information on how they can help solve the Cyber Security skills gap.

 

James Aguilan

James Aguilan

Cyber Security Specialist

James Aguilan currently works as a Cybersecurity Researcher. He has provided upskilling and development to Government Agencies, National Critical Infrastructures and Large Corporations through the simulation of cyber-attacks and forensic investigations workshops. In the past, James worked as a Data Consultant where he advised high profiling clients on how to handle their data in a Civil Litigation or Criminal Investigation. Notably, this includes the largest Merger between two US Powerhouse Conglomerate, a deal worth $87 billion. Additionally, he has also served as a Cybersecurity Consultant where he would Respond to Incidents and Perform Full Forensic Investigations. James holds a first-class honour in Computer Forensics and is actively working towards a Masters in Network Security and Penetration Testing.
Talk to our learning experts

Talk to our team of learning experts

Every business has different learning needs. QA has over 30 years of experience in combining the highest quality training with the most comprehensive range of learning services, ensuring the very best fit for your organisation.

Get in touch with our learning experts to talk about how we can help.