"Kaspersky Lab": the risk of losing crypto wallet data has increased significantly

Since the beginning of 2022, the company has recorded almost 200,000 attempts to steal data from cryptocurrency wallets and crypto investor accounts, according to a Kaspersky Lab report.

Since the beginning of 2022, the company's experts have detected and blocked almost 200,000 phishing attacks aimed at stealing digital currency or customer credentials. Malicious activity peaked in April, when almost 50,000 cases were recorded, which is equivalent to half the figures for the entire first quarter.

“Cryptocurrency is an attractive target for scammers. They see growing interest from a wide audience and use it for their own purposes. Phishing attacks on digital asset holders do not require advanced technical skills, mainly attackers use social engineering techniques,” the report says.

The results of the analysis show that with the rapid growth in the popularity of crypto assets observed over the past five years, obtaining unauthorized access to digital wallets is becoming the main target of online fraud.

Kaspersky Lab experts have witnessed the creation of various criminal schemes to steal confidential data, from luring victims with free gifts allegedly sent by crypto exchanges to the distribution of malicious files imitating the most popular crypto wallets.

For example, the attackers mimic the websites of the original cryptocurrency wallets and ask potential victims “on behalf of the service” to enter a recovery key or seed phrase along with a username and password. As soon as the credentials are stolen, the user is redirected to the real site of the cryptocurrency service, which hides the fact of criminal actions of scammers.

Kaspersky Lab experts found that in the first five months of 2022, the company's technologies prevented more than 1,400 downloads of hidden malware to steal digital wallet data.

The brands of the Binance exchange (75%), Electrum wallets (10%) and MetaMask (9%) are most often used as fronts. In most cases, the malware used in fraudulent schemes is Trojan downloaders, which are used to covertly install malware and gain access to critical data.

Last year, Kaspersky Lab warned that attackers were luring users through links in Discord channels to fake sites of large exchanges or well-known projects, promising to give away bitcoins and ethers.