About 1.1 million in XRP was stolen in a phishing scam on a Ledger lookalike wallet with crypto scams and attacks being on the rise this year. In our latest crypto news, we will learn more about the attack.
The process usually happens as follows: scammers target sites like Twitter, YouTube, and Google search in order to trap unsuspecting users and create fake ads like alluring giveaways or even create a fake website using domains that are similar to the original with 0 instead of o or other misspelling mistakes. These attack vectors last week saw 1.1 million XRP stolen from a fake Ledger site with the attackers using fake domain names and swindling funds as well.
We also see an uptick in reports of stolen XRP as a result of this scam. Stay alert! 🚨 https://t.co/azd674Hesj
— XRP Forensics (@xrpforensics) November 5, 2020
The stolen XRP coins from different users are now worth about $280,000 according to the data. The attackers sent the funds to Bittrex which was unable to seize or flag the addresses and allowed the attackers to actualize the loot. Bittrex didn’t comment on questions of the stolen funds at press time. Dmytro Volkov, the CTO of the international crypto exchange CEX.io, said that these attacks against the crypto wallets are usually focused on the most vulnerable parts which are the devices themselves:
“It is relatively easy to hack end-user devices or to “hack” (read trick) humans by using social engineering. Direct hacking and cracking of wallets are rare because of high information security standards and complex cryptography used in wallets.”
The hack by “social engineering” was infamously seen during the July outrage and the attack on Twitter which saw a 17-year old teen from Florida, targeting 25 high profile accounts and started a crypto scam. There’s no reliable method to protect from social engineering but there are certain widespread social engineering signs that one should know about. Such signs should alert your attention and demand more checks as well. In the meantime, Volkov suggested that users check website URLs and HTTPs certificates before engaging in any crypto platform despite the visual similarities.
This phishing scam (notice the fake domain lẹdger.com), has already stolen more than 1,150,000 XRP from @Ledger users. Please watch out!
We will follow the money. pic.twitter.com/Q8XD2awdo7
— XRP Forensics (@xrpforensics) November 2, 2020
This method, the one used by fake Ledger involving the stolen XRP sees hackers create a similar site to the real website and hope to get the users’ passwords or one-time confirmation codes after which the credentials get changed and all assets are transferred out. Crypto attacks dropped this year as education for more security measures and awareness about the attack vectors was installed among users. however, the sector still grows and attracts newer users as attackers find newer ways to bait the users.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post