Crypto

Here’s how hackers can exploit data


Facebook is not any stranger to data hacks and leaks, with the corporate having been on the receiving finish of many high-profile safety breaches lately. For instance, again in 2018, the social media big revealed that it had inadvertently exposed the non-public information of greater than 50 million customers on account of a small error in its platform coding, thus permitting miscreants to realize entry to its customers’ accounts.

Similarly, in 2020, the Mark Zuckerberg-led agency was embroiled in one other main controversy when it got here to mild that 1000’s of builders had been in a position to entry data from inactive platform customers, once more drawing the ire of many of us throughout the globe.

Now in 2021, the tech juggernaut has once again been hit with a fresh wave of data leaks, nevertheless, this time round, the variety of customers whose information had been uncovered was not 50 million however a staggering 500 million. On April 3, Alon Gal, chief technical officer of safety agency Hudson Rock, revealed that delicate private information for over half a billion Facebook customers was shared on a well-trafficked hacking discussion board.

To be extra particular, the information embrace telephone numbers, full names, areas, birthdates, bios, and, in some circumstances, e mail addresses of over 553 million positioned customers throughout a complete of 100 international locations. Not solely that, of the above-stated determine, 32 million customers are apparently from the United States, whereas 11 million are from the United Kingdom.

Lastly, this data which is now doing the rounds online has doubtlessly put in danger the financial savings of tens of millions of digital foreign money merchants and hodlers who now could also be weak to SIM swapping and different identity-based assaults, which have happened lately.

What needs to be completed?

How precisely does this most up-to-date breach place in danger the crypto belongings of people? Dave Jevans, CEO of blockchain safety agency CipherTrace, informed Cointelegraph that individuals who have had their telephone numbers leaked should be further cautious since plenty of fraud involving digital belongings hinges on such data, including:

“We’ve seen an increase in SIM swaps, phishing attacks and other types of fraud involving cryptocurrencies that rely on acquiring the phone numbers of victims to execute. Leaked info about the identity of high-profile crypto users gave bad actors the ability to target them.”

He went on so as to add that people who imagine their crypto could also be at some type of danger must rethink their current privateness methods — mainly, pondering twice earlier than storing all their holdings in a centralized alternate which will leverage consumer telephone numbers for two-factor authentication.

Jevans additional opined that managing one’s personal keys may very well be a greater solution to shield our valuables from being phished by way of the usage of stolen telephone numbers. However, he conceded that even that is probably not sufficient. “Phishing attackers can still use other means of acquiring account and address information, but it’s much harder,” he added.

Providing a tackle the matter, Ben Diggles, co-founder and chief income officer for Constellation — a scalable enterprise-grade blockchain creating a typical for securing data in transit — informed Cointelegraph that Facebook’s newest safety lapse is no surprise, particularly since most customers of the social media platform have a tendency to stick to a special mindset — i.e., they like their world to be managed and arranged for them.


He added that for many customers, in the event that they neglect their passwords, they can simply have the system reset it for them. Not solely that, in Diggles’ view, most people utilizing Facebook aren’t even completely conscious of how huge their digital footprint truly is — a aspect that Facebook doesn’t make too apparent both — including:

“Those that are crypto holders that were on the list have little to worry about unless they were storing descriptive details of their holdings and access on their Facebook account. However, these hackers have gotten really sophisticated, so I have no idea what tricks they may have [up] their sleeves with regards to scraping info specific to crypto wallets and exchanges.”

That mentioned, as a precautionary measure, he believes that it might be greatest if most customers change their passwords throughout all of their social media accounts in addition to different platforms that share their data with Facebook.

Does decentralization matter?

As extra data leaks proceed to occur, an rising quantity of individuals around the globe are starting to comprehend the worth proposition that decentralized methods put forth from a safety standpoint, particularly since they don’t characteristic a single level of failure.

On the topic, Eli Arkush, a cloud options engineer at cybersecurity agency GlobalDots, opined that having the backend system of a platform distributed utilizing blockchain know-how may make it a bit more durable on the hackers to come up with consumer data; nevertheless, as soon as credentials fall into the incorrect arms, password reuse can change into a difficulty.

Similarly, Diggles believes that few individuals are educated sufficient to know why decentralization truly counts, since, in principle, all the pieces already appears pretty decentralized of their expertise, a minimum of from a digital standpoint.

He added that most individuals don’t know that the web performs by its personal guidelines and thus when he tells individuals about how applied sciences reminiscent of Brave and the Basic Attention Token work, it’s mind-blowing to them: “Most people aren’t aware of their involvement in the grander data world, and I can see why humans have been conditioned to think centralization is safer.” He added: “If users are made aware that value is being siphoned off of them every day, I think they would change behaviors quickly.”

However, Stephen Wilson, a member of the Australian authorities’s National Blockchain Roadmap Cybersecurity Working Group and CEO of safety companies supplier Lockstep Group, is of the opinion that opposite to what some might imagine, it’s by no means a good suggestion to save lots of private information on any type of blockchain ecosystem.

He identified that the kind of private information breached by Facebook ought to by no means be saved in a blockchain, and even when one does, such data can by no means completely be protected by blockchain with any type of long-term effectiveness. He acknowledged additional that “there are many different facets of decentralization and distributed systems,” including:


“Blockchain and DLTs usually only decentralize some aspects of data management. They don’t usually decentralize data storage in any relevant sense because they tend to duplicate ledger entries across multiple systems. The storage is distributed, but identical copies of information are available in multiple locations and can be vulnerable to attackers or thieves.”

Crypto hacks in 2020 had been centered across the DeFi area

Late final yr, crypto {hardware} pockets producer Ledger was on the receiving finish of a data hack, on account of which the personal information of greater than 270,000 customers was leaked online. Following the incident, users started reporting extortion threats from unhealthy actors leading to many customers even thought of initiating authorized motion in opposition to the agency.

Furthermore, a complete of 28 assaults had been witnessed in relation to numerous outstanding cryptocurrency exchanges and buying and selling platforms in 2020, with the full sum of cash being compromised on account of these ploys amounting to round $300 million.

Related: Crypto wallets in 2021: From hot to cold, here are the options

According to a report launched by CipherTrace, greater than 50% of all nefarious actions in relation to the crypto market final yr had been linked to numerous decentralized finance protocols after the immense quantity of development over the previous yr.

In the previous, most hacking schemes have, by and huge, targeted on stealing funds from cryptocurrency exchanges, for example, in 2014 and 2018, the sum of money compromised on account of exchanges being hacked lay at $483 million and $875 million, respectively.

However, an rising variety of miscreants are actually turning their consideration to stealing consumer data as a result of it gives them with distinctive avenues to amass funds with relative ease. Thus, it’s of utmost significance that crypto homeowners be taught how to guard their belongings, utilizing superior instruments to not fall prey to such breach makes an attempt.

Read More at cointelegraph.com

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button