Recently, a vulnerability was discovered in the TOR network, which is used to access the Internet anonymously, that allows hackers to steal crypto assets from users of exchanges and crypto wallets. The security loophole adds to the range of popular attacks that target crypto owners through their browsers. Today Dmitry Volkov, CTO of the international crypto exchange CEX.IO, talks about how to prevent such attacks on browsers.
When it comes to stealing cryptocurrency, attackers almost always focus on the browser, through which most users log in to exchanges and trade their crypto assets.
The first and easiest attack method is phishing. For example, at the end of last year, hackers organized a large-scale attack on large corporations, spending $160,000 on it. Attackers present users with fake websites that look very similar to the original. At the same time, social engineering is actively used to convince the victim that some action must be taken urgently. For example, a user may receive a message, allegedly from a representative of the exchange, stating that the user's account will be blocked unless some kind of money transfer is made urgently. And if the browser is not set to refuse unprotected protocols, or its checks for suspicious sites and certificates are disabled, the threat of hacking increases many times over.
According to the latest news, users of the TOR browser, which is often used to achieve anonymity, are also at risk. The so-called man-in-the-middle attack allows an attacker to intercept and read the transmitted data, as well as to spoof the information that you send. The means of combating such attacks on the Internet have been around for a long time and have become the standard. First of all, this is the HTTPS protocol, with which user data is transmitted in encrypted form.
By connecting via HTTPS, the user can be sure that they are on a real and not a fake site. In practice, however, attackers often force a user to establish a connection over the insecure HTTP protocol instead of the secure HTTPS protocol. It is believed that a user can be forced onto the less secure protocol only at the very beginning of the connection, and that only an Internet service provider (for example, a home provider or a public Wi-Fi network) is in a position to do this. But in the case of TOR, an exit node, the node through which the actual connection to the Internet is made, can also impose an unsecured connection on the user. Therefore, by controlling the exit node, the hacker has about the same man-in-the-middle capabilities as the user's ISP or VPN service provider.
The fact that the TOR network is anonymous, and that the owners of the nodes can literally do whatever they want, adds fuel to the fire. Providers value their reputation and do not allow such attacks, but in the case of TOR no one risks anything. And once a hacker has inserted himself into the connection, he can not only steal data from the computer, but also change the address of the wallet to which you transfer your money.
How do I keep my crypto assets safe?
There are generally accepted security rules that help you avoid hacker attacks and keep your funds. To follow them:
Be suspicious of any site; check for a certificate and a secure connection
Since phishing is the main tool hackers use to steal crypto assets, any site should be treated with suspicion. Hackers love to make fake sites that look very similar to the original, so don't be fooled by a familiar layout and graphics; double-check everything. Refuse if you are prompted to switch to unsecured HTTP.
Don't follow links from emails and messages
You will not be taken to a phishing site from a search engine or from your Favorites. But links in messages and emails can lead anywhere. So do not rush to click a button right in the email, even if it seems that the support service is writing to you. Enter the required address manually, or go to the site through Yandex or Google.
Regularly update your browser and security systems on your computer
From the point of view of the security of your valuable data, you should always assume that the system from which you access the Internet is vulnerable. Before making a transaction with your coins, update your antivirus and make sure that all patches are installed on your computer and that the latest anti-malware databases are loaded.
Work with sites that meet all safety requirements and operate under the control of one of the recognized regulators
Exchanges and crypto wallets can themselves be hacked, so you need to choose reliable platforms to store your assets. Regulated exchanges are, by definition, more secure. The users of such platforms have access to two-factor authentication and the use of multiple signatures.
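The first two rules above (check the connection and the site's identity, and do not trust links in messages) can be applied mechanically before a link is ever opened. The sketch below is an added example, not code from CEX.IO or the TOR project; the host names in TRUSTED_HOSTS, the sample links and the warning labels are all constructed for illustration.

```python
from urllib.parse import urlsplit

# Sites the user really does business with (constructed; use your own bookmarks).
TRUSTED_HOSTS = {"exchange.example", "wallet.example"}

def _edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of a trusted host."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def assess_link(url, trusted=TRUSTED_HOSTS):
    """Return warning labels for a link; an empty list means no check failed."""
    warnings = []
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme.lower() != "https":
        warnings.append("not-https")            # plain HTTP can be read and altered in transit
    if parts.username is not None:
        warnings.append("userinfo-in-url")      # text before '@' is not the host
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        warnings.append("non-ascii-host")       # possible look-alike characters
    if not any(host == t or host.endswith("." + t) for t in trusted):
        warnings.append("untrusted-host")
        if any(host.startswith(t + ".") or "." + t + "." in host for t in trusted):
            warnings.append("trusted-name-as-subdomain")
        if any(0 < _edit_distance(host, t) <= 2 for t in trusted):
            warnings.append("lookalike-host")
    return warnings

if __name__ == "__main__":
    for link in ("https://exchange.example/login",          # constructed samples
                 "http://exchange.example/login",
                 "https://exchanqe.example/login",
                 "https://exchange.example@evil.test/login",
                 "https://exchange.example.login.test/"):
        print(link, "->", assess_link(link) or "ok")
```

An empty result only means that none of these checks failed; the certificate and the address shown in the browser still have to be checked once the page is open.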