From billionaire Elon Musk to Indian actor Amitabh Bachchan joining the crypto space, the hype around cryptocurrency is growing and the prices of these digital coins are seeing a spike as well. But while the crypto coins do give a high rate of returns, they are equally susceptible to cyber attacks.
Cybercriminals are now taking advantage of the ongoing craze around Bitcoin to trick potential victims and steal their digital money, reveals research by Barracuda, a provider of cloud-enabled security solutions. At least 7,000 people lost more than $80 million in crypto scams between October 2020 and March 2021 — a 1,000% increase from a year ago, according to the US Federal Trade Commission.
Meanwhile, blockchain hackers are not only targeting crypto holders but also crypto exchanges, according to Atlas VPN. Their study showed that $3.78 billion worth of digital assets were stolen across 122 attacks in 2020. More recently, in one of the biggest cryptocurrency heists ever, a group of hackers in August stole $613 million in digital coins from token-swapping platform Poly Network. While the company claims that hackers behind the heist have now returned nearly half of the tokens they stole, but in the world of cryptocurrency, there are no guarantees.
How are cybercriminals using crypto as a scamming tool?
Fueled by the craze around Bitcoin, the value of cryptocurrencies increased by almost 400 per cent between October 2020 and April 2021. The growing value of cryptocurrencies also saw an increase in email compromise attacks by 192 per cent between October 2020 and May 2021, reported Barracuda.
It is worth noting that the digital format of cryptocurrencies makes them decentralised in nature and without any regulations, and thus the currency has become a safer choice for cybercriminals. Hackers use Bitcoin to get paid in extortion attacks where they claim to have a compromising video or information that will be released to the public if the victim does not pay.
Cyber hackers now target and personalise fake emails to get victims to purchase Bitcoin, donate them to fake charities, or even pay a fake vendor invoice using cryptocurrency.
What are crypto wallets? How safe are crypto wallets?
Digital currencies such as Bitcoin, Ethereum or Dogecoin, are stored in something called a ‘wallet’, which can be accessed by using your ‘private key’—the crypto equivalent of a super-secure password— without which the crypto owner cannot access the currency.
A crypto wallet stores the private keys that give the user access to their cryptocurrencies—allowing one to send and receive cryptocurrencies like Bitcoin and Ethereum. It should be noted that your coins are stored on the blockchain, and the private key is required to authorise transfers of those coins to another person’s wallet.
There are different types of crypto wallets available that cater to different requirements in terms of security, reliability, accessibility, etc. Here we explain all types of wallets available and how secure they are:
A mobile crypto wallet is an essential tool for those actively trading in cryptocurrency. It runs as an app on your smartphone, storing the private keys and allowing you to pay for things, trade, and store crypto with the phone.
E-wallets or web wallets store your private keys on a server, which are controlled by a third party. The organisations running the website can gain access to your private keys, thus gaining total control of your funds. Typically, these are less safe.
Desktop wallets store the private keys on your hard drive or SSD on your computer. These are more secure than web and mobile wallets, as they don’t rely on third parties for their data and are harder to steal.
A paper wallet or offline wallet is a printed piece of paper that contains your private keys and QR codes that are used to facilitate cryptocurrency transactions. Because they are removed from the Internet, they are considered to be one of the most secure.
A hardware wallet stores private keys in a secure physical device, it is one of the best ways to protect your cryptocurrency. Moreover, they are immune to computer viruses, making it virtually impossible for hackers to steal your coins.
What happens to stolen cryptocurrencies?
Lost crypto coins cannot be retrieved and permanently exit the currency’s circulating supply. According to Cane Island Digital Research, 4 per cent of available Bitcoin is lost each year. But, how are cryptocurrencies stolen or lost?
When sending any cryptocurrency from one wallet to another, the user is asked to enter the recipient’s address, which is a combination of numbers and alphabets. However, in case you send the digital asset to the wrong address, there is no way to undo these transactions.
Another major reason why cryptocurrencies are lost is if you input an incorrect password to the wallet. This year, for instance, a programmer in San Francisco made headlines when he found himself locked out of an encrypted drive with a reported $220 million worth of Bitcoin stored on it. He only has two remaining attempts to input the correct password before his coins are permanently lost.
If a user’s private key is stolen, all the cryptocurrency from the compromised address can be transferred. In that case, the blockchain network does not have any provisions to identify the thief or block further transactions of those stolen crypto assets. Meanwhile, cryptocurrency is not a legal tender in India and most parts of the world, since the coins in circulation are predominantly privately created.
How to keep your crypto investments safe?
The safety of wallets depends on how the user manages them. The biggest danger in cryptocurrency security is the individual user perhaps losing the private key. Online wallets are the easiest wallet to set up and use but are also the most susceptible to cyber-attacks. One way to secure your cryptocurrency is to use an offline wallet instead of the online one.
Offline wallets— a paper or hardware wallet, can be operated either through your desktop, mobile, or specifically designed hardware. However, when you do use an offline wallet, make sure you enable multiple levels of authentication before being able to access your crypto holdings.