- An attacker targeted Paradigm’s head of security and tried to steal his Bitcoin in three clicks.
- Sam Sun shared details of the compelling hook and how easy it is for individuals to fall prey to Bitcoin hacks.
- Attackers can steal wallet data directly from browser extensions or Discord session tokens when users click on malicious links.
Former white hat hacker and the head of security at Paradigm, a VC firm, was targeted by a hacker recently. Sam Sun told his 86,300 Twitter followers how three clicks and two malicious file downloads could give the hacker access to his Bitcoin.
Hackers target wallet data of users, send malicious links
Sam Sun, a former white hat hacker and the head of security at Paradigm, was recently hit by an attacker in an attempt to steal his wallet data and eventually his Bitcoins. Sun performed malware analysis and broke down the series of events that could have led to a successful attack on his wallet data.
1/ Today, someone tried to hack me with a crypto stealer, so I guess I've finally made it— samczsun (@samczsun) July 5, 2022
Fortunately, they weren't successful, but all it would've taken was three clicks. Read on to learn about how the attack works, how to protect yourself, and some basic malware analysis️ pic.twitter.com/31qqUoATWL
Sun shared the analysis on his Twitter account, revealing how simple it is to be hacked and how attackers are stealing info like wallet data and Discord session tokens to gain access to users’ cryptocurrencies. In the case of Sun, a malicious actor sent a message with a link to arouse his curiosity.
The message read,
I am sorry to disappoint you.
You are being sued.
You can read a copy of the lawsuit here (Malicious link)
No copyright has been claimed.
You can also write a statement in response, good evening John.
Sun revealed that messages accompanied by malicious links are compelling hooks and when placed under pressure, even trained security professionals might act irrationally and click on the link.
Clicking the link downloads a file to the target’s computer. This is the first step, opening the downloaded file takes the target another step closer to getting hacked. Once the file is opened, the attacker has access to wallet data, browser extensions or Discord session tokens of the target. This gives the malicious actor direct access to your cryptocurrency.
“Hybrid Analysis”, an automated malware analysis service provider, helped Sun identify that the two downloaded files on his device were malicious. Running the files through a malware analysis detector helped him determine that the attacker attempted to steal his cryptocurrency. Therefore, Sun warns his followers against running downloaded programs, files without running them through malware analysis detector.
Results after running both downloads through Hybrid Analysis
Attacks are therefore not limited to the DeFi ecosystem, and cryptocurrency holders are simply three clicks away from losing access to their holdings.
Why KuCoin’s insolvency could have serious implications on Bitcoin price
Analysts at FXStreet evaluated the impact that Mt.Gox’s insolvency had on Bitcoin and revealed that they expect a similar situation in case of KuCoin. For more information and the impact on Bitcoin price, check out this video:
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers. The author will not be held responsible for information that is found at the end of links posted on this page.
If not otherwise explicitly mentioned in the body of the article, at the time of writing, the author has no position in any stock mentioned in this article and no business relationship with any company mentioned. The author has not received compensation for writing this article, other than from FXStreet.
FXStreet and the author do not provide personalized recommendations. The author makes no representations as to the accuracy, completeness, or suitability of this information. FXStreet and the author will not be liable for any errors, omissions or any losses, injuries or damages arising from this information and its display or use. Errors and omissions excepted.
The author and FXStreet are not registered investment advisors and nothing in this article is intended to be investment advice.