A recent cyber attack campaign targeting cryptocurrency storage has been uncovered, focusing on both hot and cold wallets. Kaspersky cybersecurity experts identified the malicious campaign, which sent out a staggering 85,000 scam emails during the spring of 2023. The peak of the campaign occurred in March, with over 34,000 intercepted malicious messages.
The rise in popularity of hot wallets, which boast over 400 million users globally, is attributed to their ease of use and accessibility. According to Roman Dedenok, a security expert at Kaspersky, the increasing popularity of cryptocurrencies necessitates heightened vigilance and robust security measures to safeguard digital assets.
Hot wallets, including crypto exchanges and apps, are vulnerable to cyber attacks due to their constant internet connectivity. Phishing attacks targeting hot wallet users typically involve simple tactics that exploit non-technical individuals. Scammers often impersonate reputable crypto exchanges through fraudulent emails, urging users to verify transactions or confirm wallet security.
In contrast, cold wallets are offline storage systems, such as dedicated devices or paper-based private keys. Kaspersky researchers discovered a targeted phishing campaign aimed at exploiting cold wallet owners. This campaign involves an email impersonating the well-known cryptocurrency exchange Ripple, enticing recipients with the promise of participating in an XRP token giveaway.
Instead of sending victims straight to a phishing page, the scammers create a deceptive blog post that mimics the design of the Ripple website. The blog prompts users to enter the token giveaway by following a specified link. Upon clicking the link, victims are directed to a fake Ripple page whose domain closely resembles the official Ripple domain, a technique known as a Punycode phishing attack. Victims are then prompted to connect their hardware wallets, allowing scammers to access their accounts and conduct fraudulent transactions.
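A defender-side check for the lookalike-domain step described above, as an added example that is not from Kaspersky's report: it decodes `xn--` (Punycode) labels in a link's hostname to the text a browser may display and flags hosts that fold to a protected brand domain. The `PROTECTED` list, the small `CONFUSABLES` map and the sample hostnames are assumptions constructed for illustration; a production filter would use the full Unicode confusables data.

```python
import unicodedata
from urllib.parse import urlsplit

PROTECTED = ("ripple.com",)  # assumption: the brand domains being defended

# Constructed, deliberately small map of Cyrillic/Greek lookalikes to ASCII.
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
               "\u0441": "c", "\u0456": "i", "\u04cf": "l",
               "\u03c1": "p", "\u03b9": "i", "\u03bf": "o"}

def to_ace(host):
    """Build the ASCII (xn--) form of a hostname; used to construct samples."""
    return ".".join(l if l.isascii() else "xn--" + l.encode("punycode").decode("ascii")
                    for l in host.split("."))

def decode_host(host):
    """Decode every xn-- label to the Unicode text a browser may display."""
    labels = []
    for label in host.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # malformed label: keep the raw form, still flagged as IDN
        labels.append(label)
    return ".".join(labels)

def skeleton(host):
    """Fold a hostname to its ASCII look: drop diacritics, map confusables."""
    chars = unicodedata.normalize("NFKD", host)
    return "".join(CONFUSABLES.get(c, c) for c in chars if not unicodedata.combining(c))

def matches(host, domain):
    return host == domain or host.endswith("." + domain)

def check_url(url):
    """Return (verdict, displayed_host) for the hostname in a URL."""
    host = urlsplit(url).hostname or ""
    shown = decode_host(host)
    is_idn = not shown.isascii() or "xn--" in host
    if not is_idn:
        ok = any(matches(shown, d) for d in PROTECTED)
        return ("legitimate" if ok else "unrelated"), shown
    if any(matches(skeleton(shown), d) for d in PROTECTED):
        return "lookalike", shown
    return "idn", shown

if __name__ == "__main__":
    # Constructed samples: Cyrillic i (U+0456) and i with dot below (U+1ECB).
    for h in ("ripple.com", "r\u0456pple.com", "r\u1ecbpple.com", "b\u00fccher.example"):
        print(check_url("https://" + to_ace(h) + "/giveaway"))
```

A `lookalike` verdict is the case worth blocking or quarantining in a mail gateway; `idn` alone only means the host is internationalized and is not evidence of phishing.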
To safeguard cryptocurrency assets, Kaspersky experts advise purchasing hardware wallets from trusted sources, inspecting new hardware wallets for tampering, verifying legitimacy and updating firmware, securely storing seed phrases, and using strong and unique passwords. By implementing these security measures, cryptocurrency users can mitigate the risk of falling victim to malicious attacks targeting both hot and cold wallets.