Cybersecurity in the Bitcoin World: How Anyone Can Protect Themselves from Hackers Stealing Their BTC

by Vapir on January 6th, 2017

The following article was written by Betcoin member Vapir and reflects his suggestions and background. Betcoin is sharing the information with you; however, you should research security in detail before making your own decision on how to secure your bitcoin.

Bitcoin has recently cracked the $1000 mark and this is primetime for cyber criminals to kick their operations into high gear in order to maximize their profits. The vast majority of skilled hackers come from Russia, Romania, and China. Keep in mind that China has cybersecurity capabilities on par with the NSA and their Tailored Access Unit (TAO). They are known as PLA Unit 61398 and have stolen hundreds of billions in military and civilian research and development. Luckily, they aren’t focused on stealing Bitcoin.

Romania has been in the criminal btc game longer than anyone, with Russia and China catching up quickly.

There are a number of methods they employ to steal coins. I will expose some of the ones you’re likely to encounter and provide you with solutions.

As you may know, Bitfinex Exchange suffered a $77,000,000 hack several months ago. Yes, that’s $77 million. It was later revealed that a $99 Trezor hardware wallet would have stopped the hack from happening. There are many Bitcoin exchanges that are basically start-ups, and many do not have the personnel to adequately protect their infrastructure. They don’t have the money to hire dedicated cybersecurity response teams, nor do they have many on staff who specialize in counter-intrusion techniques. That’s why I don’t use them. You never know when they will be hacked or looted from the inside. (See Mt. Gox.)

I personally use blockchain.info to store my coins; they are established and have never been breached. I have 2FA enabled, of course.

2FA stands for two-factor authentication, and it requires a phone. After you log in to your bitcoin wallet on a computer, you will be prompted to enter a six-digit code that randomizes every 10 seconds or so.

To enable 2-FA, begin by downloading the app Authenticator from either the Apple or Google Play store on your phone. It is a free app. After that, log in to blockchain.info on your computer, navigate to the security page, and find the section that allows you to enable 2-FA. You will then be prompted to scan a barcode with your phone, known as a pairing code, and the 6-digit number will now appear in the authenticator app on your phone.

This is a nearly bulletproof way to stop thieves in their tracks: they will not be able to access your funds even if they had the correct Wallet ID and passcode.

Many exchanges and wallet sites have been victims of attacks and have chosen not to come forward publicly. Hundreds of millions of dollars have been stolen since the advent of cryptocurrency.

Techniques criminals employ:
Spear-phishing is popular right now. It singles out users and sends them bogus emails with legit-looking headers and a professional look. To the untrained eye they look like an email from the exchange the user is a member of, and they will prompt you to fill out a form containing fields like Wallet ID #, password, and sometimes mother’s maiden name, phone number, and driver’s license number. When you fill out their form, it sends the info to the hackers and sends you to a page that makes it look like your internet disconnected. You would have no idea what just happened, restart your browser, and be happy that your internet was never actually having problems.
Hackers will first attempt to gain access to a Google account related to an online bitcoin wallet, where they can copy your Wallet ID from the very first email you used to register with a company like Blockchain.info, as it contains the Wallet ID and is likely buried in your inbox. They have lists that contain thousands of targets. They acquire these targets by simply buying lists with thousands of names and email addresses on them. If you do not have 2-Factor authentication enabled on your phone, your bitcoins will be gone in a heartbeat.

I received an email like this, and after stripping the headers I confirmed it was a fake. I opened the email in VMware. There was a nice email and an attachment named “Transaction Confirmed – Bitcoins Released”. Curious, I opened the attachment and analyzed the code. It was designed to steal any Wallet IDs and passwords on the computer as well as all saved logins and passwords from Chrome, Firefox, Internet Edge (which I don’t use) and a couple of other less popular browsers. I have no idea who got my email address, but I am a semi-professional player on bitcoin poker sites and have a profile there. I do not use any form of traditional social media whatsoever. If this can happen to me, it can happen to anyone, especially those who use Facebook. Facebook is notorious for malicious links and they look the same as any other link.
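
One way to check the headers of a message like this, as an added example rather than the author's own procedure: it compares the From domain with the bounce and reply addresses and reads the SPF/DKIM/DMARC verdicts recorded by the receiving server. The sample message, its domains and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every domain is a placeholder under example.*.
RAW = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=wallet.example.com
From: "Wallet Support" <support@wallet.example.com>
Reply-To: verify@wallet-login.example.net
To: user@example.org
Subject: Transaction Confirmed

Please fill out the attached form.
"""

def domain(header_value):
    """Lower-cased domain of the address in a header, or '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def header_findings(raw, expected_domain):
    """List the header inconsistencies that suggest the sender is spoofed."""
    msg = message_from_string(raw)
    findings = []
    from_dom = domain(msg["From"])
    if from_dom != expected_domain:
        findings.append(f"From domain {from_dom} is not {expected_domain}")
    # Bounce and reply addresses on another domain mean replies and errors
    # go somewhere the claimed sender does not control.
    for name in ("Return-Path", "Reply-To"):
        d = domain(msg[name])
        if d and d != from_dom:
            findings.append(f"{name} domain {d} differs from From")
    # Verdicts recorded by the receiving mail server. Only trust the header
    # your own provider added; a sender can include a forged one.
    results = " ".join(msg.get_all("Authentication-Results", []))
    if not results:
        findings.append("no Authentication-Results header")
    for mech, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results):
        if verdict != "pass":
            findings.append(f"{mech}={verdict}")
    return findings

if __name__ == "__main__":
    for finding in header_findings(RAW, "wallet.example.com"):
        print(finding)
```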

Keyloggers: Software keyloggers can be sent through Skype, Facebook, Twitter, Instagram and any email service. They’ll appear to be a legitimate email from your health insurer or the IRS asking you to click a button to view your refund now that tax refund season is approaching.
Rootkits: Rootkits are traditionally undetectable by most anti-virus clients. They allow full control over the infected system. That allows a hacker to install a keylogger that automatically reports daily logs through an email script. That means everything you type is recorded.

Ransomware: This is perhaps the biggest threat to hospitals at the moment. Hospitals (my dad is a doctor at one) often have one person who functions as the entire IT department. Ransomware encrypts all patient records and demands a ransom of between $500 and $25000 for the decryption key. Many have paid to retrieve their files, as it brings the hospital to a grinding halt.
The FBI detachment in my state was hit with Ransomware and they paid $5000 to get the decryption key to recover their files.

My point is that any system can be affected by Ransomware and it is important to proactively defend your computer against it.

Alternatively, they attempt to gain access to a Google account related to an online bitcoin wallet, where they can copy your Wallet ID from the very first email you used to register with a company like Blockchain.info, as it contains the Wallet ID. They have lists that contain thousands of targets. They acquire these by breaching exchanges and recovery accounts and targeting those specific users, or by simply buying the list off darknet sites. If you do not have 2-Factor authentication enabled on your phone, your bitcoins will be gone in a heartbeat.

Coinbase and Bitstamp claimed to have learned from these mistakes. They have a lot of red tape and ID verification in order to use them as well as limits for new users.
I prefer localbitcoins.com to buy BTC with a trader I have been using for 6 years and I’ve never had a problem. To give you an idea, BTC was around $8 apiece back in 2010-2011.
I send cash through the mail via a priority flat rate envelope, pay $6.45 postage, have a tracking number and upload it to the seller and get coins in my protected 2FA account two days later.

Some free tools to protect yourself:
https://www.malwarebytes.com/mwb-download/ - Malwarebytes, better than any virus scanner you can pay for and it’s free.
Free Anti-Rootkit software also from Malwarebytes: https://www.malwarebytes.com/antirootkit/

Hardware Wallets for Bulletproof Protection of your Bitcoins:
Trezor Hardware Wallet: https://bitcointrezor.com/
YubiKey 4: https://www.amazon.com/Yubico-Y-158-YubiKey-4/dp/B018Y1Q71M/ref=pd_lpo_1...

KeepKey: the Simple Bitcoin Hardware Wallet - https://www.amazon.com/KeepKey/b/ref=w_bl_hsx_s_pc_web_13205235011?ie=UT...
