Technical attacks are most often carried out by exploiting vulnerabilities in the code without considering the human factor. And if there is a vulnerability, there is nothing that can be done at that moment against an attacker who can use it. However, social engineering attacks are orchestrated by attackers with strong social intelligence, focusing beyond code vulnerabilities on human perception and psychology.
Social Engineering Attacks
It is possible to protect against code vulnerabilities and secure your company or the cryptocurrency protocol you operate. For this, you work with White Hat experts or directly with penetration (cybersecurity) companies. Code verification, review, and vulnerability scanning are performed. In the end, these vulnerabilities are closed.
The security you ensure depends on the competence of the auditing expert. However, social engineering attacks focus on the victim’s psychology and perception. That is, the vulnerability is sought in the victim’s perceptions, not in the code. Those who orchestrate such attacks are hackers with strong social intelligence and relatively weaker technical knowledge.
At first glance, it may seem simpler, but when the attack is detailed with personalized stories and plots, it requires serious effort. Moreover, larger spoils can be obtained from most attacks that would exploit code vulnerabilities. For example, Lazarus is very popular in this regard, and when the Ronin bridge was hacked, we saw that a team member with the private key was approached like a human resources department of a different company. Here, a file disguised as a PDF and combined with malicious software was sent to the other party, allowing the attackers to enter the victim’s system and obtain the information they needed. A few details of this attack will help you understand the extent of the risk.
- The PDF sent appeared to be a normal file at first glance.
- With binder applications, malware and the actual PDF can be merged. When you open the file, the real PDF opens, but you don’t notice the merged malware running in the background at the same time.
- Malware that is encrypted specifically for a person cannot be detected by antivirus programs, even if it is paid.
Details of the Coinbase-Focused Attack
Blockchain researcher ZachXBT has uncovered a social engineering attack targeting Coinbase users. In the method known as Coinbase reset fraud, scammers deceive users into resetting their Coinbase login credentials by collecting their personal information. Shockingly, these scammers caused a victim to suffer an estimated loss of 4 million dollars.
ZachXBT wrote;
“Scammers have to use social engineering to reset (their victims’) login details to gain access. Adding a security key as 2FA, not reusing emails or passwords, etc., is good”.
Therefore, it seems beneficial to end direct communication with people who reach out to you about 2FA. Attackers can deceive themselves as Coinbase employees or security experts and create thousands of plots to obtain your 2FA code.
