Bitcoin Becomes Target For Internet Fraud, Phishing And Typosquatting
Attackers have posed serious threat to Bitcoin security. Last month has seen them carry out a phishing and typosquatting campaign to steal private information stored in Bitcoin Wallet. An evidence of more than 100 fake Bitcoin and blockchain domains has been traced so far. It suggests that most of these domains were registered on May 26 and many more popping up indicate there is more threat coming and all seems to be part of a big campaign.
A cybersecurity firm, Cyren, is credited with identifying this aberration through a domain blockchain.info getting spread from a Google Payperclick scam ad. So if an internet user followed that link and went to the website, actual information of his transaction would get recorded and handed over to attackers.
Post Cyren raising the alarm, OpenDNS went deeper into the investigation and found similar loopholes such as the fake domains Cyren had earlier found.
OpenDNS identified another misleading URL, blolkchain[.]com associated with the same IP a couple days after the fact, on June 13, which incited specialists to investigate the IP and comparable IPs in that extent.
Bitcoin addresses must be Base58Checkencoded with a specific end goal to stay away from disarray between comparable looking characters like capital “O” and the number zero. As the scientists call attention to, that is the reason the phishing spaces they discovered depend so vigorously on typosquatting, or when Internet clients include a site address into a web program, make typographical mistakes, and get brought somewhere else.
“From these illustrations, it’s reasonable the criminals have a strong comprehension of security instruments utilized by Bitcoin and are attempting to thrashing them,” the specialists composed Monday.
OpenDNS said it hindered the malevolent IP ranges for its clients and that going ahead wallet organizations ought to reinforce their security with a specific end goal to counteract phishing and typosquatting assaults like ones utilized by the attack.
The news comes during an era when buoyancy around the cryptocurrency is on an all time high.