BitStamp detected yet another scam targeting Bitcoin users. Much publicized, the Bitcoin community has faced threats from hackers and other plays for years. Oftentimes, phishing attacks have been used to trick users into giving up their coins to criminal elements. Other times, ransomware attacks have opened the door to a new realm of cyber attack.
Be careful! We have uncovered a Chrome extension called BitcoinWisdom Ads Remover that will try to steal your #bitcoin.
— Bitstamp (@Bitstamp) March 11, 2016
According to researchers, the scam replaced QR code images on bitcoin exchanges with its own addresses. The fraudulent application was listed on Google’s Play store. Some users have noted this is perhaps a good reason why crypto-currencies like Bitcoin should use vanity addresses – transactions addresses easily read and understood by humans. This would make it easier for Bitcoin users to detect when they are being targeted by a phishing attack or other sort of attack.
One of the best-known phishing attacks in Bitcoin’s history involved BitPay. It’s a harrowing example of the risks of crypto-currency. How that security breach came to be is an interesting story.
According to the lawsuit filed in September, Bryan Kohn, BitPay’s chief financial officer, received an email from an individual claiming to be with a digital currency publication asking Krohn to comment on a Bitcoin industry document. The email sender’s computer was hacked, and the hacker had sent the fake email directing Krohn to a nefarious website managed by the hacker.
“After capturing Mr. Krohn’s Bitpay credentials, the hacker used that information to hack into Mr. Krohn’s Bitpay email account to fraudulently cause a transfer of bitcoin” valued at $1,850,000, according to the lawsuit.
Kohn conducted the transfer, totalling 5,000 bitcoins, in three different transactions. The hacker accessed Krohn’s email and sent email to BitPay CEO Stephen Pair asking Pair to transfer 1,000 bitcoins to a BitPay customer wallet. He honored the request. He also honored the request by the hacker to send an additional 3000 bitcoins to the customer. BitPay is now suing its insurer, which declined to cover the loss.
BitPay remains one of the best-known companies in the crypto-currency space, and the firm just recently joined some of the biggest players in crypto-currency to work alongside big corporations such as Microsoft to bring blockchain as a service to enterprise.
BitPay is not the only victim. As can be seen here, plenty of other phishing attacks have been carried out. The reason why Bitcoin is targeted is the pseudonymous nature of the currency and ability to cloak oneself behind encryption techniques. Another reason is the easy-to-transfer nature of the world’s first decentralized digital currency.
Featured image from Shutterstock.