The Singapore Police Force (SPF) and Cyber Security Agency of Singapore (CSA) have recently observed several tactics that threat actors have employed to compromise and withdraw cryptocurrencies from victims’ wallets, and would like to remind members of the public of the importance of safeguarding their cryptocurrency assets. As cryptocurrencies become more widely adopted, they may become an attractive target for threat actors.

Tactics Employed by Threat Actors in the Cryptocurrency Space

Threat actors employ a range of tactics, from social engineering, in which victims are tricked into divulging personal information such as their seed phrases, to exploitation of software vulnerabilities. Some of the methods observed include:

  1. Imposter Profiles: Threat actors often impersonate legitimate entities in the blockchain industry on social media platforms, offering free giveaways or promotions that require victims to ‘verify’ their wallets by sharing personal information such as their login credentials. In some cases, threat actors may also impersonate employers from cryptocurrency companies, requesting victims to demonstrate their level of competency in the blockchain field under the pretext of assessing their capabilities. Subsequently, threat actors would send the victims malicious links that contain scripts that will automatically transfer cryptocurrencies out of the victims’ wallets when run. 
  2. Phishing Websites: Threat actors often use phishing websites to target cryptocurrency wallets by creating spoofed websites that impersonate legitimate wallet providers, exchanges or platforms. In some cases, they may also create websites promoting new cryptocurrency tokens that promise high investment returns to lure victims, while leveraging social media advertisements and posts to amplify their reach online. 
  3. Exploiting Software Vulnerabilities: Threat actors are always on the lookout for opportunities to exploit software vulnerabilities, especially those related to multi-threading, recursion or smart contracts. To ensure the security and integrity of a smart contract, it is essential to perform thorough testing and vulnerability checks before deploying it. An example of a smart contract exploitation is the ‘Re-entrancy Attack’, which interrupts a smart contract’s transactions, allowing the threat actor to re-enter the contract before previous transactions are completed, potentially leading to unexpected behaviour in the smart contract or multiple concurrent transactions.
  4. Exploiting Automated Trading via Smart Contracts: Smart contracts are self-executing agreements with the terms directly written into code. In the context of trading, some smart contracts are designed to monitor trade value in liquidity pools and execute automated trading based on market performance. In this case, threat actors could trick victims’ smart contracts by creating liquidity pool smart contracts assessed to be of high trade value, resulting in cryptocurrencies being automatically transferred to the liquidity pool created by threat actors.

Best Practices for Cryptocurrency Users

SPF and CSA would like to advise cryptocurrency users to adopt the following precautionary measures:

  1. Use Secure Wallets: You should use secure wallets such as hardware wallets to store your cryptocurrencies offline as they are less vulnerable to online attacks. If you are required to perform frequent cryptocurrency transactions, use software wallets from reputable exchanges and ensure that they are updated with the latest security patches. You are advised to enable automatic updates, if available, or regularly check the exchange platform for new updates and install them immediately when available. 
  2. Use Strong Passwords and Enable Two-Factor Authentication (2FA): You should set strong passwords for your wallets and online accounts. Do not share your private keys, recovery or seed phrases with anyone, and store them in physical form at a secure location. Always enable 2FA for cryptocurrency exchange accounts, wallets, and other related services.
  3. Monitor and Review Your Accounts Regularly: Regularly check your wallets and accounts for unauthorised transactions. Enable account activity notifications if they are available on the platform. Regularly review and revoke the use of high allowances by using blockchain explorers or wallet interfaces.
  4. Exercise Vigilance on Using Smart Contracts: Verify the legitimacy and functions of smart contracts before interacting with them. Exercise caution before approving or signing transactions. 
  5. Beware of Phishing Attempts: Avoid clicking on unsolicited links or downloading attachments from unknown sources. Always verify the links with official sources to ensure you are accessing legitimate cryptocurrency platforms. If in doubt, avoid sharing the content with others and verify the information with trusted sources.
  6. Stay Updated and Informed: Keep up to date with the latest security threats and best practices in cryptocurrency security through official and trusted sources.

What To Do If You Fall Victim to Cryptocurrency Related Crimes

If you are or suspect that you are a victim of cryptocurrency related crimes, you are advised to perform the following immediately:

  1. Contact your cryptocurrency exchange immediately to halt further transactions or freeze your account, if possible.
  2. Review and revoke any suspicious token approvals using applicable wallet interfaces.
  3. If a wallet’s seed phrase is compromised, transfer all remaining cryptocurrencies in the compromised wallet to another wallet immediately.
  4. Report the incident to the Police and CSA’s SingCERT at singcert@csa.gov.sg or via the incident reporting form at https://www.csa.gov.sg/singcert/reporting
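The allowance review recommended under best practice 3 and the approval review in step 2 above can also be done from raw event logs. This added example (not part of the advisory) replays ERC-20 `Approval` logs in the shape returned by the `eth_getLogs` JSON-RPC call and lists the approvals a wallet still has outstanding; the addresses, values and sample logs are constructed.

```python
# keccak256("Approval(address,address,uint256)"): the ERC-20 Approval event signature
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1
# Constructed addresses, for illustration only
OWNER, TOKEN = "0x" + "11" * 20, "0x" + "aa" * 20
SPENDER_A, SPENDER_B, SPENDER_C = ("0x" + c * 20 for c in ("bb", "cc", "dd"))

def pad(address):
    return "0x" + address[2:].rjust(64, "0")       # 32-byte topic encoding

def unpad(topic):
    return "0x" + topic[-40:].lower()              # address is the low 20 bytes

def outstanding_approvals(logs, owner, threshold):
    """Return {(token, spender): value} for the owner's latest approvals >= threshold.

    Values are an upper bound: spending via transferFrom can reduce an allowance
    without a new Approval event, so confirm with the token's allowance(owner, spender).
    """
    latest = {}
    order = lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16))
    for log in sorted(logs, key=order):
        topics = log["topics"]
        # ERC-721 Approval has the same signature but 4 topics (indexed tokenId): skip
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if unpad(topics[1]) != owner.lower():
            continue
        latest[(log["address"].lower(), unpad(topics[2]))] = int(log["data"], 16)
    return {k: v for k, v in latest.items() if v >= threshold}

def _log(block, index, spender, value):
    return {"address": TOKEN, "blockNumber": hex(block), "logIndex": hex(index),
            "topics": [APPROVAL_TOPIC, pad(OWNER), pad(spender)],
            "data": "0x" + format(value, "064x")}

nft = _log(19, 0, SPENDER_B, 0)                    # constructed ERC-721-style log
nft["topics"].append(pad("0x07"))
nft["data"] = "0x"
SAMPLE_LOGS = [                                    # constructed, deliberately unordered
    _log(18, 0, SPENDER_B, 0),                     # later revocation of SPENDER_B
    _log(16, 2, SPENDER_A, UNLIMITED),             # unlimited approval, never revoked
    _log(17, 0, SPENDER_B, 500),
    _log(17, 1, SPENDER_C, 50),
    nft,
]
```

An entry returned here is a candidate for revocation through the wallet interface or blockchain explorer.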

If you have any information relating to such crimes or if you are in doubt, please call the Police Hotline at 1800-255-0000, or submit it online at www.police.gov.sg/i-witness. All information will be kept strictly confidential. If you require urgent Police assistance, please dial ‘999’. If you are unsure if something is a scam, call the 24/7 ScamShield Helpline at 1799 or download the ScamShield app to check, deter and block scams. For more information on scams, visit www.scamshield.gov.sg.

As threats in the cryptocurrency asset space are constantly evolving, it is imperative to stay one step ahead of threat actors in protecting your digital assets. By adopting the best practices, we can foster a collaborative effort to create a safer and more secure cryptocurrency space in Singapore. Share this advisory with your family, friends, and colleagues to raise awareness about the latest cryptocurrency threats.

 

SINGAPORE POLICE FORCE
CYBER SECURITY AGENCY OF SINGAPORE
29 November 2024 @ 11:25 AM


