Technology

WeChat friends help crypto thieves, Korbit denies hack: Asia Express

Posted on by Minakshi






WeChat Friends Exploited in Crypto Thefts, Korbit Denies Security Breach

WeChat Friends Exploited in Crypto Thefts, Korbit Denies Security Breach

In a concerning trend, digital fraudsters are leveraging social engineering tactics on WeChat to pilfer cryptocurrency. Meanwhile, South Korean exchange Korbit vehemently denies any security breach following a prolonged maintenance period.

WeChat Users Fall Prey to Friend Verification Exploit

Chinese social media influencers are becoming prime targets in a sophisticated WeChat account hijacking scheme. Attackers are reportedly exploiting the platform’s friend verification system, a security measure designed to aid users locked out of their accounts.

How the Scam Works: A Deep Dive

Since April, numerous victims have reported that hackers gained unauthorized access to their WeChat login credentials. The attackers then trigger the platform’s “friend verification” system. This system is one of three login options on WeChat and relies on a user’s contacts to vouch for their identity when logging in from a new device. The intention is to serve as a backup when SMS or QR code authentication is unavailable, especially for users on the go, for example during international travel.

  • The verification request is sent to the victim’s WeChat contacts.
  • The attackers strategically target contacts with whom the victim has minimal recent interaction.
  • These contacts are more likely to approve the request without careful scrutiny, forwarding the necessary code to the attacker.
  • The hacker then gains access to the victim’s account and potentially their linked cryptocurrency wallets.

Blockchain security experts are advising WeChat users to be extremely cautious when receiving friend verification requests, especially from contacts they rarely interact with.

Korbit Denies Security Breach After Extended Maintenance

South Korean cryptocurrency exchange Korbit has refuted claims of a hack following an unusually long 12-hour maintenance period. The exchange assured users that their funds are safe and that the maintenance was related to system upgrades and improvements.

User Concerns Addressed

The extended downtime had sparked widespread speculation among users, with many fearing a potential security breach. Korbit officials stated that the extended maintenance was necessary to implement crucial security enhancements and improve the overall platform infrastructure. They reassured users that a thorough investigation was conducted and that no evidence of a hack or data compromise was found.

Summary:

  • WeChat users are being targeted by hackers exploiting the “friend verification” system to steal cryptocurrency.
  • Hackers target WeChat contacts with limited interaction to approve malicious requests.
  • South Korean crypto exchange Korbit denies a hack after a 12-hour maintenance period, citing system upgrades.
Key Takeaways:

  • Be extremely vigilant when receiving friend verification requests on WeChat, especially from infrequently contacted individuals. Double-check with the person before approving the request via an alternate means of communication if possible.
  • Social engineering attacks remain a significant threat in the cryptocurrency space. Users must prioritize security best practices to protect their digital assets.
  • Even with enhanced security measures, it’s critical for crypto users to understand the risks involved, like key management.
  • Long maintenance periods on cryptocurrency exchanges don’t always indicate a security breach but warrant user caution and investigation.
  • Korbit emphasizes the importance of ongoing system maintenance and upgrades to fortify platform security, amidst growing threat landscape.