Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Scammers in cryptocurrency are finding new ways to trick consumers into revealing their information. Sometimes, this is in the form of malware, requiring a download so that the scammer can gain access to a device. Other times, scammers advertise a false platform to lure overly trusting users. However, recent research shows that scammers have taken to using altered photographs to make two-factor authentication protocols their new target.
The use of these images appears to be a collaborative effort amongst cybercriminals, as there is an entire market on the dark web to allow hackers to purchase the doctored images. The rates are impressively low, but there are still a few kinks in the plan. For instance, multiple verification methods on websites will not work with this method. That being said, this may not be as effective as cybercriminals would prefer.
There is already so much to worry about for consumers that leave their digital assets on a platform instead of a wallet. A single security compromise would be enough to destroy any wallet. In reporting on this matter, NewsBTC brings up the case of QuadrigaCX, in which investors have lost access to their cryptocurrency as a result of possible negligence, or even possible
âsomething more sinister.â
With phishing attacks and the possibility of exit scams, most people have probably already heard from advocates and leaders in the community that encourage consumers to hold their funds in separate wallets.
The research on this latest scam with doctored photographs was uncovered by Hold Security and Bank Info Securities. The chief information security officer at Hold Security, Alex Holden, claims that scammers only have to pay about $50 for an altered image. Individuals that setup this type of attack will usually request to change a device used in the process, provoking the two-factor authentication codes. Then, the image they have purchased will show the information needed about the user.
Right now, there are some exchanges that do not require photographic identification for users to sign up. In these scenarios, Holden expects there to be a success for scammers. He added,
âSome companies have no ability to assert what their client looks like⊠Itâs not like hackers publish success rates. But because we know that [hackers who] we are monitoring are actually making money off of it, Iâd say yeah.â
Luckily, the scam will not get too much traction amongst most exchanges, considering that a government-issued document is necessary for trading. Most of the bigger exchanges seem unconcerned with this threat, though they still prioritize security for users. Unfortunately, at least in the investigations of Hold Security, the platforms were not very forthcoming with examples of successful scammers.
Both Coinbase and Kraken confirmed that the ID verification images have multiple qualifications they must meet, though two-factor authentication is a part of the process. Higher tier accounts have photographic identification verified by the time they sign up to upgrade. Binance was more willing to discuss this scam, saying that they had, in fact, seen examples. The platform added,
âUnfortunately, weâre no stranger to these types of malicious attempts to gain access.â
Binance also expressed a lack of fear for these scammers, saying,
âGiven the measures we currently have in place, I donât believe this threat is something for Binance to be particularly worried about at the present time.â
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.