Categories: CryptoNews

Security Experts Warn Bitcoin Users After Recent Spate of Attacks

The gradual increase in popularity of Bitcoin over the last 12 months has been great for those who jumped on the bandwagon back in 2009. However, as with all industries that start to gain some coverage in the mainstream media, security has now become an issue for Bitcoin business owners and users.

Although the industry has never been impervious to attacks from cybercriminals, a recent spate of incidents has prompted some security experts to issue a warning to the cryptocurrency world. Noted by a number of security firms, a new wave of phishing scams appears to be targeting Bitcoin users.

Phishermen Using Bitcoin as Bait

green line” (CC BY 2.0) by  Jay Erickson 

It’s estimated that approximately 100 phishing and typosquatting sites, targeting Bitcoin users, have been set up since the start of 2016. Essentially, criminals are looking to exploit the growth in Bitcoin through the use of websites that trick people into giving away their personal details.

The most recent example of this surge in Bitcoin deception is blockchain[.]info. Designed to be a malicious mirror site to the legitimate and popular Blockchain.info, this phishing site came to the attention of security teams after the domain started to gain increased exposure through a Google Ad Word pay-per-click scam.

And this isn’t the only site attempting to trick Bitcoin users, with a variety of domains featuring suspicious formats and spellings starting to crop up. The list of such sites includes: blolkchain.com, blockchain-wallet.top, blokchain-wallet.info, and localbitcons.com.

Learning to Beat the Bitcoin Bad Guys

Nobody gets me Bitcoins!” (CC BY-SA 2.0) by  zcopley 

Related Post

Naturally, filtering this information out to the wider community is the first line of defence for Bitcoin businesses and users, but it’s unlikely future attacks will solely rely on phishing scams. Modern hackers have a myriad of ways to infect sites and steal personal information from people. With this in mind, let’s quickly run through some of the more common attacks that could be used against the Bitcoin community:

Remote File Inclusion: Used to target web applications that dynamically reference external scripts, remote file inclusion attacks see the hacker find a vulnerable site and upload malware. By using remote file inclusion to exploit a weakness in the referencing function, the attacker can upload a backdoor shell that can compromise site content, hijack servers or steal personal data.

Cross-Site Scripting (XSS): A vulnerable web application will accept un-trusted data and, therefore, send it to a web browser without the necessary validation when a cross-site scripting attack takes place. Essentially, this allows a hacker to execute scripts in the victim’s browsers, which can then be used to steal personal data, deface sites or redirect the user.

Cross-Site Request Forgery (CSFR): A cross-site request forgery will force a victim’s browser to send infected HTTP requests to a vulnerable web application. The result of this process is that the website is tricked into believing that the attacker’s requests are legitimate. These requests are then authenticated and the attacker can then do as they please on the site.

Knowledge + Software = Protection

Secure Cloud Computing” (CC BY 2.0) by  FutUndBeidl 

Of course, knowing more about the most likely forms of attack is a solid way to protect your business and, therefore, your customers. However, this isn’t enough on its own.

Modern security is now moving towards cloud-based technology and web application firewalls (WAFs) are the recommended way to protect your site against OWASP’s top 10 threats. In addition to being able to monitor and filter out malicious requests, WAFs are seen as an affordable solution.

Because they are cloud-based, WAFs are more flexible, more efficient and more cost-effective. For Bitcoin businesses this sort of protection should now be seen as par for the course; especially in light of recent attacks.

Indeed, as Bitcoin continues to grow in popularity, the amount of interest from hackers is bound to increase. While the latest attacks are currently being monitored, there are potentially hundreds more that we don’t know about. Fortunately, modern technology makes it easier for attacks to be averted, but only if Bitcoin businesses are prepared to invest in the right technology.

Mark Arguinbaev

I'm a 29 year old cryptocurrency entrepreneur. I was introduced to Bitcoin in 2013 and have been involved with it ever since. Fun Fact: I mined cryptocurrency using my college dorm room's free electricity.

Share
Published by
Mark Arguinbaev

Recent Posts

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

15 mins ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

1 hour ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

1 hour ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

5 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

6 hours ago

IntelMarkets (INTL) Receives Massive Demand From Chainlink And SUI Investors Looking To Position For The Best Bull Run Gains

As the cryptocurrency market gears up for a bull run, IntelMarkets (INTL) is attracting significant…

6 hours ago