Binance’s Chief Security Officer, Jimmy Su recently explained to Cointelegraph how hackers and scammers have suddenly fixed their attention on crypto users, especially those with poor “security hygiene”. According to Su, these criminals have formed a well-established ecosystem in the dark web which now works together to target and cheat unsuspecting but vulnerable users.
Low Security Attracts Hackers
Su recalled how Binance received several attacks and hacking attempts on its internal network when the firm began operations in July 2017.
However, the narrative has changed since many crypto exchanges began to invest efforts and resources to tighten their security systems. Their gaze is now on the crypto users and because of this conversations relating to “security hygiene” have become necessary.
“Hackers always choose the lowest bar to achieve their goals because, for them, it’s a business as well. The hacker community is a well-established ecosystem,” he added.
Darknet Bad Actors Form a 4-Tier Ecosystem
Based on Su’s classification, the darknet ecosystem comprises of four distinct groups; intelligence or data gatherers, data refiners, hackers, and money launderers. The first group which the CSO regard as “threat intelligence” is responsible for gathering information about the targeted crypto user. Most of the time, this information is harvested in bulk, hence, the bad actors present this massive data in spreadsheets.
This intel is usually details of crypto websites that the user frequents, what emails they use, their name, and the social media platform that they use. This info is then refined by data engineers who use “scripts and bots” to determine exchanges the crypto enthusiast may be registered with. Hackers then create an attack with the refined data and the funds received in the end are transferred to crypto mixers which help in the laundering process.
Bad Actors Breach Users Data
Without going through all four phases, there is currently a market for the sale of information collated by data gatherers on the dark web. Last year, about 400 million Twitter users’ data was made available on the black market by a hacker. It included data from Ethereum (ETH) co-founder Vitalik Buterin, Canadian businessman and Shark Tank host Kevin O’Leary, and American billionaire Mark Cuban.
Almost at the same time, users and vehicle sales data of Shanghai-headquartered automobile company Nio were breached by a hacker who was demanding Bitcoin (BTC) as a ransom payment. In Gemini’s vase, the hackers went as far as releasing ads stating that customers’ information including email addresses, phone numbers, and other personal details were up for sale.