Binance Cryptocurrency Exchange Reveals the Most Common Cryptocurrency Theft Scheme

Jimmy Su, Chief Security Officer at Binance, spoke about how the scheme of attacking cryptocurrency users is organized. According to him, an already «established» ecosystem of hackers is hiding in the darkest corners of the darknet, targeting investors who do not follow the «security rules.»

Su noted that after Binance 's launch in July 2017, there were many attempts to hack its internal security system. However, the exchange subsequently improved its security and the focus of hackers shifted directly to users. «Hackers always choose easier targets to achieve their goal because it’s a business for them ,» the Binance CSO emphasized.

According to Su, the hacker ecosystem consists of four levels:

1. Information gatherers;
2. Those who refine the information;
3. Hackers who carry out the attack;
4. Launderers of stolen digital assets.

Information gather ers are the highest level. At this stage, the attackers collect and collate dishonestly obtained information about cryptocurrency owners, creating entire spreadsheets with all the details. The information they collect includes a list of visited websites, emails, accounts on Telegram and other social networks.

Data ref inement — at this stage, another group of people who bought the information collected earlier analyze the data. Fraudsters use scripts and bots to determine which exchanges a user may be registered on. How exactly? Attackers try to create an account on an exchange using a potential victim’s email address. If they receive a message that this email is already registered, it means that the user has an account on the exchange.

Hackers and phishers are the group of people who use the filtered data to carry out an attack. They know that the user is registered on a particular exchange and can perform various manipulations. For example, they can send an email with a phishing link that reads something like this: «An attempt has been made to withdraw $ 5,000 from your account on exchange X. If it was not you, please click on the link and contact the support service.»

Launderingstolen cryptocurrencies is the last step. Once the funds are stolen, they can be left inactive for a long time and then gradually moved to cryptomixers such as Tornado Cash. There are known groups of hackers who may not touch stolen assets for two to three years.

Users have been warned once again that hackers are constantly improving their skills. It is worthwhile to improve skills in protecting personal and corporate gadgets, studying information about the latest technologies and artificial intelligence. Experts are confident that awareness will protect people and help avoid undesirable consequences.