Singapore Authorities Warn of Rising Cyber Threats Involving Cryptocurrency Draining Malware
Summary:
Singapore's Cyber Security Agency and Police Force have issued a warning about the rise in use of cryptocurrency draining malware by cybercriminals. Commercial malware kits allow these criminals to steal funds from users’ wallets via phishing attacks, often using compromised social media accounts or emails. Stolen funds are redirected via services that prevent tracking, making recovery slim. Singaporean authorities are advising the use of hardware wallets and extensive research to protect against such attacks.
The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) have warned the public about the increased use of cryptocurrency draining malware for illegal activities. These wallet drainers are used by cybercriminals to illicitly gain access to cryptocurrency wallets and siphon off funds. These kinds of attacks begin through phishing scams where users unknowingly click on malicious links.
Worryingly, 'commercial' crypto draining kits are readily available for cybercriminals, allowing them to utilize advanced malware free of cost. In these setups, culprits utilize the drainer-as-a-service (DaaS) model and split their ill-gotten gains with the service provider. SPF and CSA's advisory revealed that phishing scams are the main mode of entry for these attacks, specifically through hacked social media accounts or illicit emails from compromised service providers' databases.
Victims are often redirected to fraudulent trading websites when they click on phishing links. These websites ask users to link their Web3 wallets and, subsequently, a malicious smart contract is injected into the system. This then allows the attackers to withdraw funds without any further consent. While no such incidents have been reported in Singapore, they've become more prevalent among hackers globally. In 2023, MS Drainer, a commonly used crypto drainer, assisted in the theft of $59 million worth of cryptocurrency.
Stolen cryptocurrency is usually moved via services that make tracking them difficult, like crypto mixers, making recovery almost impossible. To fortify against such attacks, Singaporean authorities suggest using hardware wallets and conducting in-depth research into crypto investments. They also urge citizens to report any incidents to the relevant authorities and the crypto service providers. It's essential that victims invalidate any suspicious token approvals following an incident and quickly move any remaining funds to a secure wallet to preclude further losses.
Published At
2/1/2024 9:42:00 AM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.