How Do Hackers Hijack Online Bitcoin Wallets?
Hackers hijack online Bitcoin wallets every day. Here's how they do it, and how you can protect yourself.
Bitcoin wallets are a great invention, especially now that cryptocurrency is becoming mainstream. The concept of storing cybercurrency in an online "wallet" is one that just plain makes sense—and also can help investors when it comes to centralizing their cryptocurrencies.
As great as the invention of Bitcoin wallets can be, plenty of reports have arisen involving hapless investors that end up having accounts cleared by hackers. Truth is, hackers hijack online Bitcoin wallets and other information all the time.
Ever wonder how you can protect yourself from a Bitcoin wallet hijack? Experts narrowed down three major ways it happens...
The easiest way that hackers hijack online Bitcoin wallets is by making a spoof wallet app.
Bitcoin wallet apps are a dime a dozen—and not all of them are trustworthy. Faux wallets are a common way hackers hijack online Bitcoin wallets.
Many hacker groups will create Bitcoin wallets that do little more than stealing users' personal information, then later reroute the Bitcoins deposited into the wallet into their own account.
Some are a bit sneakier. As a way to avoid too much attention, hackers may also make the wallet behave totally trustworthy for a month or two and then hijack the account.
The entire Bitcoin wallet company then shuts down, claiming to be hacked. All your Bitcoins are gone after the hack, with no way to get them back.
This classic scam can happen with Bitcoin exchange companies, Bitcoin mining groups, and other cryptocurrency platforms as well. It's become a bit too common for the tastes of some.
Spotting a Bitcoin scam is fairly easy to do when you know the signs. It's strongly suggested to exercise caution if you're going to be investing in a Bitcoin wallet.
The second most common way hackers hijack online Bitcoin wallets is by tricking customers into telling their passwords or private key to the wrong person.
A lot of Bitcoin wallets are fairly secure, and would take a decent amount of skill to hack. Since a lot of hackers don't have that amount of skill, they often will try to come up with a way to get people to give them the information they need in order to take control of the wallet account.
This can happen through a variety of ways, both old school and new school in manner. Old school techniques include email phishing, text phishing, and even pressuring them via social engineering techniques.
At times, hackers might bypass security conscious customers and direct their trickery to the company itself.
As much as we want to believe that hackers will not be able to tamper with the information we give the Bitcoin wallet company we trust, the truth is that a lot of cryptocurrency companies don't really invest enough time in cybersecurity.
This is precisely what happened with the NiceHash security breach. NiceHash, a major Bitcoin wallet company, lost around $63 million because of it. Hackers were able to hijack their account and cleared everything out.
Yes, you can follow all the cyber security tips in the world and still end up hacked. Such is what happens when you trust the wrong digital wallet company.
Though spoofed wallets and phishing are ways hackers hijack online Bitcoin wallets, they're not the most worrisome way.
The truth is that there's a much more insidious way hackers can drain your Bitcoin wallet—and it's one that requires only knowledge of your name and phone number. They use a very well-known flaw in the telecom network affecting a system called Signalling System No. 7, or SS7, to hijack accounts.
The SS7 flaw allows anyone with access to the SS7 to send and receive messages to and from cell phones. This weakness means that hackers can "listen in" on cell phone texts, get data you send via email on your phone, and more.
When using SS7 weaknesses, the first thing hackers will do is hijack the user's Gmail account.
They do this by using Google's function to find email addresses using the cell phone number. Then, they do a password reset via the phone that's being hacked. Hackers then choose a new password, and open up the account.
This alone would terrify most people. For the majority of people out there, our lives are connected to our emails. This gives hackers a pretty scary amount of control over our goods.
After they break into Gmail, hackers will often search for Bitcoin wallets and online bank accounts.
Hackers hijack online Bitcoin wallets using SS7 weaknesses the exact same way they do regular bank accounts. They search for the accounts you have, reset the password using your data, and then use the new password to get into your account.
Once they're in your account, they usually clear out the account—because that's what hackers do. The dawn of digital banking came with this risk, and unfortunately, it's one that cyber groups still struggle with.
Right now, authorities have noticed a couple of ways that hackers have been gaining access to SS7.
Though it sounds pretty grim, there is some good news about learning how hackers hijack online Bitcoin wallets via the SS7 weakness. The good news is that actually gaining access to SS7 isn't really that easy.
Authorities have already noted that most hackers are gaining SS7 access via black markets on the dark web. More specifically, they're using services like Interconnector to gain the access.
It's also becoming clear that legitimate surveillance companies are also selling SS7 access.
One such company that has gained authority attention is Israeli spy company Ability Inc. Their Unlimited Interception app has been used to gain access into SS7 by legitimate groups. Currently, the app costs $5 million—making it unreachable by most people's financial standards
If it were to fall into the wrong hands, things would get very hairy.
There are a couple of ways to prevent damage from being done.
Just because this is a major flaw doesn't mean you can't protect yourself. Netsec experts claim that the key thing here is to use security features offered by Google and Apple that go beyond a typical SMS prompt.
By not leaving your authentication to an SMS prompt, you're blocking hackers from being able to get into your email. This means that, while you should still use two-factor authentication, you need to consider using a security key or Google prompt as well.
Until there's a patch that's released by telecom industries, the SS7 flaw will continue to become increasingly exploited.
As any cybersecurity buff will tell you, once an exploitation route has become publicized, it's only going to get worse. Experts are noting a serious uptick when it comes to seeing hackers hijack online Bitcoin wallets already.
Unfortunately, telecom industries have been sluggish at fixing the SS7 loophole—and until they do, you can bet it'll allow more breaches and more problems for everyone involved.