If the ecosystem is far from being limited to this, it is clear that many malicious individuals take advantage of the flaws of certain systems to carry out their attacks. Recently, there has been a significant increase in hacking of “known” players in the field. The latest is none other than the project Nomad Bridge. In this context, the cybersecurity company Netskope publishes a report which alleges that some hackers use SEO techniques via Google sites and Microsoft Azure in order to redirect users to sites of phishing.
the phishing (phishing) is defined as a form of scam that consists of deceiving an individual’s personal data and then using it in a malicious way. Very quickly this type of attack emerged in the cryptocurrency sector. We then speak of “cryptophishing”an attack here can take place (mainly) in two different ways.
Like evoked, the ecosystem is increasingly affected by hacking. Whether it’s the Nomad Bridge hack, Curve (CRV), Solana or even Uniswap, no actor seems to be spared today. And each time, hundreds of millions of dollars are stolen.
Gold, the mass adoption of cryptocurrencies is conditional on the security of the various protocols on the market. For this reason, it is a major issue to which every company can be (is) concerned.
What could be better than a report identifying the techniques used by certain hackers to remedy this?
Phishing attack – Netskope publishes its report
In this general climate, Netskope publishes a report on cryptophishing. And the result of his investigation is edifying: some hackers use SEO techniques to direct users to sites of phishing. Lately, this type of attack has been implemented on the wallet MetaMask. But also on cryptocurrency exchange platforms like Coinbase, Gemini and Kraken.
In fact, hackers will create a blog, often hosted on Googles Sites Where Microsoft Azure. Once the blog is created, all you have to do is distribute links with SEO content in order to be referenced in search engines. However, with this technique, search engines can be mistaken and believe that it is a real cryptocurrency site.
But instead of that, sites redirect users to sites of phishing. These latter then imitate known platforms (Kraken, Gemini etc)
Netskope identifies two types of phishing used by hackers
Netskope explains that there are two types of mechanism of phishing.
- the first way consists of directly acquiring the seed phrase (access key to a wallet) from a user by “inviting them to import this data. To illustrate, Netskope claims that this is the tool used on the site of phishing MetaMask.
- the second way consists of “obtaining user account information in one of the exchanges targeted by phishing. When users enter their information, the sites return an error and prompt them to contact a support operator who will try to get more information from the users to successfully acquire their funds. »
To protect itself, Netskope makes recommendations to its readers.
“Netskope strongly recommends that users never enter credentials after clicking on a link. Instead, always navigate directly to the site you are trying to connect to. For organizations, we also recommend using a secure web gateway that can detect and block phishing in real time. »
Netskope company statement.