In cryptoland, trust can be costly

Discussion in '0-day Release' started by RGiskardR, Jul 9, 2018.

  1. RGiskardR

    RGiskardR Malware Tester Silver Member

    While the legal status of cryptocurrencies and laws to regulate them continue to be hammered out, scammers are busy exploiting the digital gold rush. Besides hacking cryptocurrency exchanges, exploiting smart-contract vulnerabilities, and deploying malicious miners, cybercriminals are also resorting to more traditional social-engineering methods that can reap millions of dollars. Their targets are not just the owners of cryptocurrency wallets, but basically anyone with an interest in the subject.

    To understand how scammers can access victims’ money, it helps to remember how cryptocurrencies work and what it means when we talk about the address and private key of a cryptocurrency wallet.

    Cryptocurrencies are based on asymmetric encryption with public and private keys. The wallet address, which anyone can transfer money to, can be generated from a public key, which in turn can be obtained from a private one. The private key is required for all wallet transactions, hence scammers’ interest in it. Note, however, that attackers are not always after the victim’s private key— the goal is often to get people to transfer funds into the scammers’ accounts all by themselves. But one thing at a time.

    Full reading:
    wwd, silversurfer and Trim like this.
  2. Google Adsense

Share This Page