Concerns around the vulnerabilities inherent in crypto-currencies are not new, with several countries implementing increasingly complex bans on them, including China, Bangladesh, Qatar, Nigeria, Egypt and Morocco. Others are considering increasingly rigorous controls over how these currencies are managed and accessed.
“The crypto-currency ecosystem is still very much the Wild West,” says Anna Collard, SVP content strategy & evangelist at KnowBe4 Africa.
“According to Elliptic’s report "DeFi:Risk, Regulation and the Rise of DeCrime", over $12 billion in losses have been suffered by DeFi users and investors, due to theft and fraud through malicious exploitation of flaws in decentralised applications, decentralised exchanges, lending protocols and asset management offerings.
Loopholes for criminals
According to Collard, crypto platforms and services that use Web sites and third-party service providers that are off the blockchain to interact with their customers, open up new loopholes for criminals.
“This could be used to phish their customers, scam them, hijack accounts and steal data, or gain user trust so they can steal their information. These are just some of the opportunities that are ripe for fraud, and people need to be prepared for these risks and take steps to protect their funds.”
She says a good idea, is to move funds from a hot wallet to a cold wallet, or cold storage, as soon as possible. “These are named accordingly because they are not directly connected to the internet and store users’ private keys offline to ensure that no one on the Internet can tamper with them.”
This adds on an additional level of protection that can mitigate the risks of the secret key being stolen by malware on a computer, for example. This does offer a level of protection, Collard explains, but will not help protect against phishing scams trying to lure people into authorising payments, providing their key to the scammers or falling for any of the other fraudulent crypto investment scams.
Understanding the complexities, vulnerabilities
This is why it is critical to fully understand the complexities and vulnerabilities that come with crypto-currencies, in order to protect against them, intelligently.
Moreover, Collard says there are issues with the platforms and marketplaces themselves, many of which are rife with crooks who commit trading malpractice, defraud people and carry out scams. “They have not gone away just because the currency has moved onto digital platforms.”
She says smart contracts are pieces of code that are used by crypto platforms, exchanges and other players to transact on the blockchain.
“These pieces of code are written by software engineers who, like any other human, makes mistakes. So what cyber criminals do is sift through GitHub and look for known or reported vulnerabilities that they can use often to steal from the platforms directly,” she says.
If the world wants to move towards crypto-currencies as a more accepted mainstream form of finance, the ecosystem has to sort out both security and sustainability challenges first.
“And investors or potential users need to understand the inherent risks in this market, do their best to protect their wallets, remain aware of social engineering and stay ahead of the scams,” Collard ends.
Share