Crypto users and projects need to remain vigilant as they enter the next bull market, being cautious of unreliable exchanges, insecure DeFi protocols, and evolving phishing scams.
According to data from PeckShield, in January alone, hackers carried out 30 attacks and stole over $182.5 million, which is a 771% increase compared to January 2023 and an 84% increase from December. February also set a record with over $380 million stolen, more than double the amount stolen in January. PlayDapp was the victim of a theft of at least $290 million, while FixedFloat lost $26 million and Axie Infinity co-founder Jeff Zirlin lost $9.7 million.
Eric Jardine, the lead of cybercrime research at Chainalysis, emphasized the importance of education in keeping crypto safe. He stated that while crypto protocols are transparent due to their open-source development, this also creates opportunities for bad actors. He advised users to research platforms and DeFi protocols before engaging with them, understanding their security features, and staying updated on their enhancements.
Phishing scams have also been a significant problem in the crypto space. In 2023, over 324,000 crypto users fell victim to phishing scams, resulting in approximately $295 million in losses. Scam Sniffer analysis revealed that social media platforms are the most common source of scam links, often found in advertisements. Beosin security researcher Pan Tao warned about the rise of phishing attacks disguised as Ethereum staking and token airdrops, which have been effective in recent times.
Tao also highlighted the emergence of “drainer-as-a-service” tools, which have become convenient phishing tools. Attackers advertise scams on platforms like Google and X. Scam Sniffer advised users to verify website URLs from multiple sources and thoroughly understand the nature of a contract before signing a transaction.
When it comes to centralized exchanges (CEX), Tao recommended choosing a licensed exchange that periodically publishes proof of reserves. It should also have no withdrawal issues or high withdrawal fees, prompt customer support, and clear responses.
Regarding DeFi protocols, Jardine stressed the importance of addressing vulnerabilities on and off the blockchain. On-chain vulnerabilities, such as in smart contracts, were responsible for the majority of DeFi hacking activity in 2023. However, compromised private keys became a more significant factor in the second half of the year. Jardine suggested implementing systems to monitor on-chain activity for potential vulnerabilities and utilizing products that can detect and respond to cyberattacks.
Overall, the crypto community needs to prioritize education, research, and caution to safeguard their assets in the volatile market.