Court Documents reveal that a few Californian residents had their phones hacked through the “SIM-swapping” technique, which enabled the hacker to steal cryptocurrency from their online exchange wallets.
The main plaintiff claims to have lost the equivalent of $1 million USD to the hacker, of which only $300,000 USD was recovered from the defendant’s hard drive (the article did not detail how much of the loss was due to exchange price fluctuations). The theft was made possible through “SIM-swapping” where the hacker uses stolen personal information, such as a birthday or social security number, to get the wireless phone service provider to switch the phone number from the rightful owner’s device to the hacker’s device. The hacker then breaks into the victim’s online exchange account and utilizes the the stolen number to pass through the two-factor authentication that is meant to be a safeguard.
“In order to stop that trend, cybersecurity and industry experts say investors should guard their cellphone numbers with the same paranoia with which they guard their Social Security numbers.”
More recently, some Uphold customers became victims of a free Bitcoin phishing attack. The email, which initially appeared to have come from an official Uphold account, described a Black Friday discount where if users sent Bitcoin to a specific address, they would receive their original amount back plus 15% more. Uphold quickly announced via their social media channels that the email did not come from an official Uphold account and their mail servers may have been hacked, but not Uphold itself. However, they did temporarily suspend Bitcoin withdrawals as a precaution and soon announced all systems back to normal and plan to rollout anti-phishing safeguards.
Importance of vigilance in the cryptocurrency sector
An important reminder is that if a consumer does not control their private keys, then that consumer does not technically own that cryptocurrency and is also much more susceptible to have their cryptocurrency be stolen, especially when stored on an online exchange’s hot wallet. Instead, consumers should consider storing the majority of their funds in cold wallets so they control their private keys and remove internet connections to reduce attack vectors.
“Experts also recommend that investors keep their funds in what’s known as “cold storage.” The method allows you to store digital currency offline, away from any internet access. That makes it harder to hack.”
Another important due diligence practice is consistent skepticism since cryptocurrency is a new industry and thus has individuals trying to take advantage of others that may not be fully educated in the space. The Uphold phishing attack demonstrates this since it was not a direct hostile theft of cryptocurrency, but attempted to take advantage of trust, gullibility, and/or greed since it asked for consumers to willing send money to an address based on the promise of getting more money back. A good reminder to evaluate propositions is the age-old saying “if it it too good to be true, then it probably is”, since most individuals in the cryptocurrency space are not going to give away free money without getting something in return.
Dash utilizes ease of use to mitigate risk
The Dash community recognizes that to achieve wider adoption, consumers have to feel safe and comfortable using cryptocurrencies and not feel like they will lose fund should they accidentally take the wrong action. MyDashWallet is one group that is working on a solution by providing a relatively easy to use hardware wallet where the consumer controls the private keys. This makes it easy for consumers to protect their funds, but also have access to enhanced features like easy tipping. Evolution, which is a series of upgrades with the first release due soon, is another example of making Dash easy to use to incentivize consumer to default to a wallet were they control the private keys rather than an online wallet with nice UX/UI.
Dash also enables educational initiatives through its DAO Treasury so Dash community members can inform consumers how best to use Dash and how to properly protect their newly gained monetary and fiscal freedom. This helps separate Dash from competitors because even though nearly all information can be found online, it can be difficult and time consuming to search through endless forums, chat groups, and whitepapers. Dash brings the information to the consumer to allow the consumer to easily protect themselves. These features demonstrate Dash’s commitment to making cryptocurrency usable by ensuring consumers have ease of use to protect themselves from the new risks that the industry introduces for the trade-off of gaining new freedoms and advantages.