Technology

WeChat friends help crypto thieves, Korbit denies hack: Asia Express

Posted on by Minakshi

WeChat Friends Inadvertently Aid Crypto Thieves: A Growing Concern

A disturbing trend is emerging involving the popular Chinese social media platform, WeChat. Cybercriminals are reportedly exploiting the platform’s security features, designed to protect users, to steal cryptocurrency from unsuspecting victims.

How the Scam Works: Friend Verification Exploited

Since April, several WeChat users, including social media influencers, have reported their accounts being compromised. The attackers are gaining access to accounts and then leveraging WeChat’s friend verification system. This system, intended as a backup login method, allows a user’s contacts to verify login attempts from new devices when SMS or QR code authentication is unavailable.

The hackers are strategically targeting contacts with whom the victim has had minimal interaction. These contacts are more likely to approve the verification request without carefully considering the implications, thus providing the attackers with the necessary code to access the victim’s account.

Experts Weigh In

Cos, co-founder of blockchain security firm SlowMist, detailed the attack vector in a recent social media post. He highlighted the attackers’ focus on less engaged contacts, emphasizing the importance of user vigilance when receiving verification requests.

South Korean Exchange Korbit Denies Security Breach After Prolonged Maintenance

Leading South Korean cryptocurrency exchange, Korbit, recently underwent a **12-hour** period of maintenance, sparking speculation among users about a potential security incident. However, Korbit has firmly denied any such breach.

Details surrounding the maintenance are scarce, but the exchange has assured its users that their funds remain secure and that the extended downtime was purely for system upgrades.

User Caution Advised

While Korbit denies a hack, these incidents involving WeChat and other platforms underscore the importance of robust security practices for all cryptocurrency users. We advise:

  • Enable Two-Factor Authentication (2FA) on all crypto-related accounts.
  • Be extremely cautious of unsolicited messages or verification requests.
  • Regularly review your account activity for any suspicious transactions.
Summary:

  • WeChat users are being targeted by hackers exploiting the platform’s friend verification feature to steal crypto.
  • Attackers target contacts with limited interaction to increase the likelihood of successful verification.
  • South Korean crypto exchange Korbit denies a security breach despite a 12-hour maintenance period.
Key Takeaways:

  • Social engineering tactics are increasingly used to compromise crypto accounts.
  • Seemingly innocuous security features can be exploited by sophisticated attackers.
  • Vigilance and strong security practices are crucial for protecting your cryptocurrency holdings.
  • Always verify the identity of anyone requesting access to your account.
  • Diversifying your security measures can provide an added layer of protection.