After it reached an all-time high, new investors have flocked to exchanges like Coinbase to buy Bitcoin and altcoins. Coinbase is now public on the stock market, entire countries have adopted Bitcoin as the official currency.
And in Hacker Land, cybercriminals still demand it as a form of payment in ransomware attacks.
The common attack methods dominating the crypto space are phishing, cryptojacking, dusting, and clipping.
Imagine if you bought Bitcoin from Coinbase and sent it to your wallet, but it never shows up. Instead, it went to a completely different wallet without your approval. This is cryptocurrency clipping.
In this blog, we break down how crypto clipping works, as well as some ways to protect your investments from hackers.
How Does Cryptocurrency Clipping Work?
Cryptocurrency clipping is when attackers manage to steal crypto while it is being sent during a transaction. Hackers initiate clipping attacks through malware by tricking users to install apps with the infected malware on them.
Specifically, hackers like to use botnets – which are networks of hijacked computers used to carry out these attacks. The network of hacked computers always leads back to a centralized computer run by the chief cyber attacker.
The process of clipping is designed to take advantage of users that like to purchase their crypto fast and easy and may not pay attention to detail. Investors will usually copy their wallet address to exchange rather than type it in directly.
Clipping malware replaces the copied address with the wallet of the hacker. This happens in the clipboard where the sender would not notice the change has taken place. Most new investors may not notice this because crypto wallet addresses tend to be extremely long and random-looking.
When the user uses the paste function to enter the address, it is not the same one they had originally copied. When they send the coin, it is transferred to the hacker’s wallet.
Since cryptocurrency transactions are pretty much irreversible, this works to the advantage of the hacker, who can steal someone’s else crypto without the person even noticing until it is too late.
How Do I Keep Hackers from Clipping Me?
The first practical step you can take to help prevent these types of attacks is to eliminate just copying and pasting from your daily routine when buying crypto. Be thorough before hitting confirm.
Check through the entire wallet address and not just the first few letters. Clipping malware is very slick and will often copy the first several characters of an address. Hackers are hoping investors are lazy enough to not check the whole address.
As annoying as it may be, you may want to type the address manually just to be safe.
Also, make sure the source is authentic if you’re sending crypto: email addresses can be spoofed too!
Before you send a large amount of crypto anywhere, maybe send a test transaction with a small amount to make sure the funds reach the right destination.
Keep the operating system on your phone and computer up to date. OS updates usually include security patches that help protect from newly discovered threats.
Always double-check the URLs involved in any cryptocurrency process or transactions. Stay away from any sites that say “not secure” in the top left corner.
When searching for wallets or crypto exchanges, only click on links in the search results and not any ads that pop up. Hackers like to use Google Ads to install clipping malware.
Never download apps from sources that you cannot vouch for. This is especially with platforms that are not open to audits.
Enable multi-factor authentication whenever possible.
Also, use a VPN when exchanging crypto. A virtual private network (VPN) is an Internet security service that creates an encrypted connection between a computer and one or more servers. VPNs help mask IP addresses from being seen by potential hackers.
If you’re trading crypto, it’s a good idea to study up on all the different scams out there. Given how cryptocurrency is a growing technology in the financial world, scammers are using all kinds of tactics to fleece users of their coins.
Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers use malware to infect computers and hijack the power of physical resources like the CPU and hard drive to mine bitcoin.
In dusting attacks, hackers will use a small amount of Bitcoin known as “dust” and attempt to track investors to eventually break the privacy of their crypto wallets.
A 51% attack, also known as a majority attack, occurs when a single person or group of people gains control of over 50% of a blockchain’s hashing power.
All these attacks, including crypto clipping, can be preventable if investors are willing to use safe and secure methods when exchanging crypto. Don’t trust, verify!