MistTrack, the investigative arm of cybersecurity firm SlowMist, has identified private key leaks as the leading cause behind crypto thefts in the second quarter of 2024.
According to a June 2 report, the leaks resulted from malpractices such as storing private keys on cloud storage services such as Google Docs.
Further the report warned that sending sensitive information via messaging platforms like WeChat also poses risks despite these platforms employing security measures such as end-to-end encryption.
“These actions, which seem to enhance information security, actually greatly increase the risk of information theft.”
Hackers allegedly use “credential stuffing,” to gain access to victims’ sensitive information. This involves using leaked account credentials found online to log in to cloud storage and other services used by the victim.
“If successful, they can easily find and steal crypto-related information,” the report added.
In addition, MistTrack warned of other deceptive tactics employed by attackers, such as posing as customer service agents and sending phishing links to victims via platforms like Discord.
As such, it urged users not to disclose their private keys or mnemonic phrases under any circumstances.
Fake wallets that mimic popular cryptocurrency wallet applications were also flagged as a leading cause of private key leaks. These sorts of applications are mostly prevalent on third-party sites, which users often prefer due to geographical constraints and other reasons.
SlowMist highlighted apkcombo, a Google Play Store alternative, which offered the imToken crypto wallet. While there is an actual imToken app, the imToken 24.9.11 version available on apkcombo was “non-existent” and designed to steal a user’s private keys when interacted with.
“The advanced nature and professional level of these phishing activities far exceed our expectations.”
However, such applications aren’t just available on third-party sites. Last week, crypto.news reported a similar incident where a fake Phantom wallet managed to bypass Apple’s app store security measures and drained crypto assets from anyone who imported their private keys into the app.
Other causes of crypto theft involved phishing links on social media platforms and fraudulent schemes.
Honeypot scams were the most common fraud scheme in Q2 2024. This involves creating bogus cryptocurrency projects with promising use cases to lure in investors. However, once an investor invests, they are unable to sell their holdings.
Most honeypot incidents reportedly occurred on the Binance Smart Chain (BSC), the report added.
Crypto scams and hacks have wiped off approximately $20 billion worth of assets between 2011 and March 2024. June 2024 alone saw hackers steal $176.2 million worth of assets from crypto platforms.
