Bitcoin Day is around the corner. According to reports, crypto scammers took a record $14 billion in 2021. Over the past 12 months, Check Point Research (CPR) has found serious security flaws in leading Web3 platforms such as OpenSea, Rarible and Everscale. CPR estimates thousands of crypto-related cyberattacks took place in 2021 and at least 40 major cyberattacks on this front, caused losses between 1 to 3 billion dollars.
Threat analysis
CPR has outlined the reasons behind the growing crypto scam threat landscape:
- Rapid innovation leaves vulnerabilities: Cryptocurrency is growing fast. New innovation is great, but often built with potential holes for breaches.
- More focus on tech, less focus on security: New projects are coming out each day. The problem is that there is not enough focus on securing what is being built. The risk here is that new frontiers, like the metaverse will be built on an insecure foundation. More focus on security is needed.
- There is a lack of security experts: In a new frontier, the security space has yet to fully embrace the front lines of Web3.
How to stay protected
Blockchain transactions are irreversible. In blockchain, unlike a bank, you cannot block a stolen card or dispute a transaction. If the keys for your wallet are stolen, your crypto funds can become easy prey for cybercriminals, and therefore safety should be users’ concern at all times. To prevent theft of the keys, and as general safety tips, CPR recommends:
- Do not click on suspicious links, especially if the links come from an unknown source
- Keep your OS, anti-virus software and cyber security software updated at all times
- Do not download software and browser extensions from unverified sources
- Be careful and aware whenever receiving requests to sign any link within the any marketplace
- Prior to approving a request, users should carefully review what is being requested, and consider whether the request seems abnormal or suspicious
- If there are any doubts, users are advised to reject the request and examine it further before providing any kind of authorization
- Users are advised to review and revoke token approvals under this link: https://etherscan.io/tokenapprovalchecker.
Oded Vanunu, Head of Products Vulnerability at Check Point Software, says, “Today with the big tech companies investing in the metaverse, the fine-tuning of blockchain technologies and active innovations are creating the new Internet, the internet of value. We now stand at the dawn of a new era, the metaverse era, and it will be a fascinating time to see what is to come and how we will secure its future.”