Binance’s Chief Security Officer (CSO), Jimmy Su, has highlighted the growing threat from hackers on the darknet who are targeting cryptocurrency users with weak security practices. The dark web harbors a well-established ecosystem of bad actors, according to Su.
Previously, crypto exchanges like Binance faced numerous hacking attempts on their internal networks. However, as these exchanges have improved their security measures, hackers have shifted their focus towards crypto end-users. Phishing scams, especially through emails, have become particularly prevalent and are used to collect sensitive information by impersonating trusted individuals.
Ecosystem Layers
Su describes this hacker ecosystem as consisting of four layers: intelligence gatherers, data refiners, hackers, and money launderers. Intelligence gatherers collect illicit information about crypto users, creating databases of user details, including websites frequented, email addresses, names, and social media presence. This information is then sold on the dark web. Data refiners specialize in refining the gathered data to identify which crypto exchanges users may be registered with. Scripts and bots are employed to create accounts using a user’s email address, enabling targeted scams.
The third layer consists of hackers and phishers who use the refined data to launch phishing attacks. By leveraging personalized information, they send messages claiming suspicious activity or security breaches, tricking users into clicking malicious links or revealing sensitive information. Once funds are stolen, the final step, which falls to the fourth layer, the money launderers, is to evade detection. They may keep the stolen funds dormant for an extended period before using crypto mixers like Tornado Cash to obfuscate the trail.
Practicing Better Security Hygiene
To mitigate these risks, Su emphasizes the importance of practicing better “security hygiene” among crypto users. Users should regularly review and revoke permissions for decentralized finance projects they no longer use. Additionally, ensuring the privacy of communication channels used for two-factor authentication, such as email or SMS, is crucial.
As the darknet ecosystem continues to evolve, it is essential for cryptocurrency users to remain vigilant and adopt robust security measures to protect their digital assets.