November 15, 2024

Rise To Thrive


Darknet bad actors work together to steal your crypto, here’s how — Binance CSO


Lurking in the shadiest corners of the dark web is a “well-established” ecosystem of hackers that target cryptocurrency users with poor “security hygiene,” according to Binance’s chief security officer.

Speaking to Cointelegraph, Binance CSO Jimmy Su said that in recent years, hackers have shifted their gaze toward crypto end-users.

Su noted that when Binance first opened in July 2017, the team saw plenty of hacking attempts on its internal network. However, as crypto exchanges continued to beef up their security, the focus has shifted.

“Hackers always choose the lowest bar to achieve their goals, because for them it’s a business as well. The hacker community is a well-established ecosystem.”

According to Su, this ecosystem comprises four distinct layers — intelligence gatherers, data refiners, hackers and money launderers.

Data gatherers

The most upstream layer is what Su described as “threat intelligence.” Here, bad actors collect and collate ill-gotten intel about crypto users, creating entire spreadsheets filled with details about different users.

This could include crypto websites a user frequents, what emails they use, their name, and whether they’re on Telegram or social media.

“There is a market for this on the dark web where this information is sold […] that describes the user,” explained Su in a May interview.

Su noted that this information is usually gathered in bulk, such as from previous customer information leaks or hacks targeting other vendors or platforms.

In April, a research paper by Privacy Affairs revealed cybercriminals have been selling hacked crypto accounts

“There are groups that we know that may sit on their stolen gains for two, three years without any movement,” added Su.

While not much can stop crypto hackers, Su urges crypto users to practice better “security hygiene.”

This could involve revoking permissions for decentralized finance projects if they no longer use them, or ensuring communication channels such as email or SMS that are used for two-factor authentication are kept private.
