Gutter Cat Gang encountered a fraudulent attack based on the SIM swapping technique, resulting in significant losses amounting to $765,000. The project team has shed light on some details of the attackers' actions and has not ruled out the possibility of providing compensation to the victims.
Contents:
- SIM Swapping Technique
- Types of Cyber Attacks on Cryptocurrency Exchanges
- How are Cryptocurrencies and NFTs Stolen?
- Protecting NFT Collections: Potential Compensations after Hacking Attacks in the Crypto Industry
SIM Swapping Technique
SIM swapping, or SIM card swapping, involves a hacker obtaining information about their victim and then contacting the mobile network operator on their behalf, requesting a reissuance of the SIM card, claiming that the old one was lost. When the fraudster successfully acquires the victim's active phone number, they can bypass the two-factor authentication (2FA) used on various cryptocurrency exchanges and platforms.
This grants the hacker access to the device receiving messages intended for the legitimate owner of the phone number. Many users of cryptocurrency exchanges and centralized platforms use 2FA, in which SMS messages play a crucial role. By obtaining a combination of email address and password, the culprits can gain access to the account and withdraw assets.
This scheme allows fraudsters to carry out sophisticated attacks that can yield substantial sums, including cryptocurrencies, including NFT assets. The NFT market continues to enjoy immense popularity among investors, making it an attractive target for cryptocurrency hackers.
Such attacks underscore the necessity of enhancing security in the cryptocurrency sphere, including the use of more robust authentication methods such as hardware key authentication or biometric-based authentication. It is also essential to remain vigilant and refrain from sharing sensitive information with unfamiliar sources to prevent falling into fraudsters' traps.
Types of Cyber Attacks on Cryptocurrency Exchanges
Most common types of cyber attacks on cryptocurrency exchanges
Cryptocurrency exchanges remain an attractive target for hackers, and here are the most prevalent types of cyber attacks they employ:
| Species | Description |
|---|---|
| Phishing Attacks | Phishers often create fake websites that closely resemble official exchange pages. They lure users to these sites and trick them into entering their personal information, such as usernames and passwords. By gaining access to users' accounts, hackers can intercept funds and cryptocurrencies. |
| Malware | Hackers develop malicious software that can infect users' computers through email attachments, malicious links, or poorly protected software. These programs can capture personal data or provide hackers with remote access to the system, enabling them to steal cryptocurrencies. |
| Social Engineering | Hackers can utilize manipulation and deception to approach exchange employees and persuade them to grant access to systems or information. |
| DoS Attacks | Criminals can launch Distributed Denial of Service (DDoS) attacks on exchanges, overloading their servers and causing temporary disruptions. In the chaos created by these attacks, hackers may attempt to exploit system vulnerabilities. |
| Internal Attacks | Sometimes exchange employees misuse their privileges to gain unauthorized access to user data and funds. |
Sometimes, exchange employees may use their privileges to gain unauthorized access to user data and funds.
To reduce the risks of hacker attacks, cryptocurrency exchanges and their users must adhere to strict security measures. This includes using strong passwords, two-factor authentication, and regularly updating software while applying modern data protection technologies. Awareness and vigilance are key in combating cyber threats and ensuring security in the cryptocurrency industry.
How Cryptocurrencies and NFTs Are Stolen
Suspicious activity related to fraud was noticed within the cryptocurrency community last week. After some time, one of the co-founders of the Gutter Cat Gang project, known as "Gutter Mitch," issued a warning on his Twitter page. The warning mentioned statistics about the NFT collection called Gutter Cat Gang.
Another co-founder of the project, known as "Gutter Ric," also fell victim to hackers who gained access to his account. The fraudsters used his account to spread links to fake limited-edition NFT sneaker sales, supposedly from the Gutter Cat Gang team. Clicking on these links automatically redirected funds from users' hot wallets to the hackers' accounts.
The essence of such hacks lies in exploiting permissions to interact with smart contracts, which users unknowingly grant. For example, a fraudulent developer can set up a function allowing them to withdraw funds from someone else's wallet.
There is a platform called Revoke.cash, which allows users to revoke all permissions granted to various smart contracts from their addresses. It is crucial to do this to secure digital assets from potential threats. It is recommended to revoke permissions for known platforms that are no longer in use to prevent possible hacks. These simple measures will help make users more protected against cryptocurrency and NFT theft.
Protecting NFT Collections: Potential Compensations after Hacking Attacks in the Crypto Industry
Prominent crypto enthusiast with the handle ZachXBT warned of potential security threats faced by the NFT collection project due to SIM swapping. Hackers gained control of the project's Twitter account and used it to post links to fake websites aimed at stealing crypto assets. ZachXBT also noted that using SMS 2FA is unreliable and recommended using more secure platforms like Google Authenticator.
After the incident with the NFT collection developers, the need to consider a compensation program for affected users arose. The losses from hacking attacks in the cryptocurrency industry have been staggering over the years, exceeding $30 billion in total. SlowMist conducted research, revealing that over 30% of these losses, or $10.95 billion, were stolen from centralized exchanges.
In total, 118 exchange hacks were recorded from 2012 to 2023. The most significant breaches occurred in 2021, causing almost $5 billion in damages. Most major hacks took place during bull market cycles when the digital asset industry experienced significant growth in short periods.
Phishing attacks were the most common type, and the NFT token sphere did not escape damage, with losses totaling around $200 million. Ethereum and BNB Chain were the primary targets for hackers in terms of both the number of breaches and the volume of stolen funds, with losses of $3.1 billion and $1.45 billion, respectively.
Gutter Dan, a team member of the project, stated that they are actively collaborating with cybersecurity experts and law enforcement agencies to investigate the incident. Users can expect further information on potential compensations.
To prevent such incidents, experts recommend storing crypto assets in hardware wallets and avoiding using these addresses to interact with smart contracts. Security and protection remain top priorities in the digital asset industry, and measures must be taken to minimize user losses.
