In the second quarter, SlowMist's MistTrack service received 467 reports of theft of digital assets. The funds of 18 victims in the amount of $22.66 million were frozen.
🚨 As blockchain tech evolves, security incidents like theft, phishing, and fraud are becoming more frequent. In Q2 2024, the @MistTrack_io Team received 467 stolen fund reports.
This thread highlights key findings to help you safeguard your assets.👇https://t.co/aUwdL1Pxiu pic.twitter.com/CIgVrbpU3V
Of the total number of requests to the specialists of the Chinese company, 321 were received from users from China, 146 from abroad. SlowMist analyzed these incidents without including messages received through other channels in the report.
Experts named private key leaks, phishing and fraud among the most common methods of theft.
SlowMist noted that users often store keys and mnemonic phrases in cloud services like Google Docs or send them to friends via messengers to create backups. However, such actions increase the risk of information interception by intruders.
There have also been cases of scams where the victim was deceived, posing as support staff, and asked to share data.
"Fake wallets are another serious cause of private key leaks," the experts stressed.
This has been a well-known attack vector for a long time, but it remains relevant, they admitted. A number of users prefer to download applications from questionable sources due to network restrictions for Google Play or for other reasons.
The company's specialists studied the implementation of functions at the backend level in fake wallets, including user management, assets and deposits.
"The advanced nature and professional level of these phishing activities far exceeded our expectations," they eventually admitted.
Phishing and fraud are also improving
Regarding phishing, the analysis showed that about 80% of the comments under the posts of popular crypto projects in X are published by scammers.
Experts have found numerous Telegram groups selling various X accounts with subscribers, posts and different registration times. This allows attackers to match the offer to their needs.
The pages available to scammers often completely copy the design of the originals. For example, experts found an account called Optimlzm, which looked almost identical to the real Optimism.
Using these properties, as well as promotion tools (for example, pinning their messages at the top of the comment feed), scammers successfully deceive their victims, who eventually click on phishing links.
An example of an NFT–themed X account available for purchase with subscribers and a feed. Data: SlowMist.Of the various types of fraud in the second quarter, the honeypot scheme turned out to be the most popular. In cybersecurity, it is a virtual trap for luring intruders, allowing them to study their methods and practices. In the crypto industry, this is what they call a method of attracting investors to useless and illiquid assets that cannot be realized later.
Experts described a typical scam scheme:
The scammer creates a smart contract and lures victims with promises of high profits, aggressively persuading them to buy.After purchasing an asset, the user sees that the price is rising and is in no hurry to sell it. When he decides to do this, he discovers that it is impossible to implement tokens.The scammer withdraws funds from victims who have been involved.SlowMist stressed that honeypot is often not immediately recognizable even by experienced investors.
Recall that in June, the director of information security of the company under the nickname 23pds compiled a rating of the reasons why users lose digital assets.