Cryptocurrency exchanges experience tenfold increase in phishing attacks in H1

On August 10, hackers stole $613m in digital coins from token-swapping platform Poly Network


Cryptocurrency exchanges experienced a tenfold increase in phishing attacks in the first half of the year compared to the prior year period, a new report shows.

The majority of the cryptocurrency attacks were orchestrated through social media, cyber threat intelligence company PhishLabs said in its latest report, although it did not disclose the exact number of attacks.

“We anticipate cryptocurrency businesses will continue to be aggressively targeted by threat actors through social media in future quarters … [it is] due to a majority of their activity and communication taking place through social platforms,” the report said.

In the April-June period, a combination of brand, executive and employee impersonation attacks accounted for 54.7 per cent of all social media attacks in the cryptocurrency sector.

“This activity identifies threat actor attempts at impersonating cryptocurrency businesses to confuse customers and cash in on the sector’s skyrocketing growth,” the report added.

Phishing typically comes in the form of fraudulent emails or pop-up messages that aim to obtain personal information from victims, such as credit card details and sensitive data, including personal identification numbers, usernames and passwords.

Hackers pulled off the biggest cryptocurrency heist yet on August 10, stealing $613 million in digital coins from token-swapping platform Poly Network, only to return $260m worth of tokens less than 24 hours later.

Three site staging methods accounted for all of the phishing attacks on cryptocurrency exchanges: free hosting solutions (96.5 per cent of attacks), compromised sites (3.4 per cent) and, for a very small number of sites targeting exchanges, abuse of development tools for staging.

A staging environment, or staging site, is a copy of a live website and allows site owners to test any changes or new features before they are deployed on the live website.

Overall, the number of phishing sites encountered in the first half of 2021 outpaced the prior year period by 22 per cent. PhishLabs said it “anticipates the volume will outpace 2020 as we progress through the year”.

“Bad actors continue to utilise phishing to fleece proprietary information and are developing more sophisticated ways to do so based on growth in areas such as cryptocurrency and sites that use single-sign-on,” founder and chief technology officer of PhishLabs John LaCour said in a statement provided to New York-based online media company Decrypt.

“As the cryptocurrency and digital asset markets mature, so have hackers' approaches to compromising exchanges, asset owners and other parts of the crypto-financial ecosystem,” he added.

Updated: September 21, 2021, 7:52 AM