Security Experts Warn About ‘ ‘infostealers’ following hackers’ $664 million heist this year
Security Experts Warn– Crypto investors lost $664 million to hackers in the first half of 2024, marking a more than 50% increase from the previous year, according to DefiLlama data.
The majority of losses stemmed from phishing attacks and compromised private keys. This reporter personally lost $45,000 to a malware attack in May.
Cybercrime syndicates, like North Korea’s Lazarus Group, known for stealing billions in crypto, often employ skilled hackers.
Access to high-powered hacking tools is typically limited to cybercrime professionals rather than amateur hackers.
Omer Sadika, CEO of dWallet Labs, highlighted that the rise of open-source hacking tools has lowered the barrier to entry for amateurs, leading to more frequent attacks.
Security experts are increasingly concerned about the rise of open-source infostealers, malware designed to steal sensitive financial information, including crypto wallet credentials.
Expanded Threat Landscape
Hacker forums lurk in the dark corners of the internet’s underbelly, where these infostealers are traded to the highest bidders. However, this model is evolving as these dangerous programs increasingly become open-source and freely accessible, broadening access to a larger pool of potential bad actors.
James Toledano, COO of self-custody wallet provider Savl, expressed concern to DL News about amateur hackers gaining access to powerful tools like infostealer malware.
It’s a numbers game; success can come from just one out of a thousand attempts Toledano noted.
The open-sourcing of infostealers is expanding the threat landscape for malware attacks targeting crypto theft, posing heightened risks to investors.
Web2 security flaws
Open-source infostealers exacerbate the impact of vulnerabilities in Web2 on the security of crypto assets.
dWallet Labs recently uncovered a series of vulnerabilities associated with blockchain validators, potentially resulting in significant crypto losses.
According to their findings, INfStones, a critical infrastructure provider for validators on major blockchain networks, was susceptible to malicious attacks.
Validators stake crypto tokens to verify transactions on blockchain networks.
The report indicated that attackers could potentially access private keys or even take control of the validators.
For the latest in crypto updates, keep tabs on Crypto Data Space.
Leave a comment