CoinDesk Report:
SlowMist’s investigation unit, MisTrack, has identified key leaks of private keys as the primary cause of cryptocurrency theft in the second quarter of 2024.
The report highlights numerous instances where users stored their private keys or mnemonic phrases in cloud storage services such as Google Docs, Tencent Docs, Baidu Cloud, and Shimo Docs.
Private Key Leaks:
Some users were also found sharing their private keys or mnemonic phrases with trusted friends via tools like WeChat. In some cases, users even utilized WeChat’s image-to-text function to copy mnemonic phrases into WPS spreadsheets, encrypted them, and enabled cloud services while also storing them on local hard drives.
While these measures may seem to enhance information security, they significantly increase the risk of information theft. SlowMist found that malicious entities frequently use "credential stuffing", attempting to access accounts with leaked login information obtained from online sources. Once successful, attackers can easily locate and extract data related to cryptocurrencies.
Fake wallets represent another major cause of private key leaks.
Additionally, phishing schemes emerged as the second-largest cause of theft. In certain cases, victims were deceived by impostors posing as customer support representatives who convinced them to disclose their seed phrases. In other instances, users fell prey to deceptive phishing links on platforms like Discord, inadvertently inputting their private key details.
SlowMist also observed that phishing led to numerous theft incidents in the second quarter of this year, especially through malicious links in comments under tweets from well-known projects.
The company's security team previously found that nearly 80% of the initial comments under tweets from prominent project accounts were occupied by phishing scam accounts. They also discovered Telegram groups selling Twitter accounts, many of which were related to the cryptocurrency industry and varied in follower count and historical influence.
BSC Encounters Honey Pot Schemes:
The second quarter also saw significant honey pot schemes, in which tokens appeared promising to investors but were designed so that they could not be sold after purchase.
SlowMist’s analysis indicates that most honey pot incidents reported this quarter occurred on the Binance Smart Chain (BSC). Scammers circulated these tokens across numerous accounts and exchanges, essentially creating an illusion of widespread participation and inflating trading volumes.