CoinLoan’s Fraud Detection Team Helped in Mitigating Critical Attack on Crypto Wallets
In early April 2022, owners of Trezor’s hardware wallets received a number of suspicious emails recommending that they download software updates. Through these emails, unknown attackers attempted to run one of the largest phishing campaigns in the history of the Web3 segment.
Hardware wallets under attack; CoinLoan comes to the rescue
On April 3, 2022, cryptocurrency holders who used Trezor’s popular hardware wallets started receiving unusual email notifications. These messages bypassed spam filtering mechanisms and looked like legitimate updates from the team behind the top-tier hardware wallets.
Lessons from Trezor Breach Case Study: Hardware vs. Custodial Wallets ⚖️
— CoinLoan (@coin_loan) April 29, 2022
Max Sapelov, CoinLoan’s CTO and Co-founder, explains the difference and more.
Take a deep dive: https://t.co/wHM21XvOWQ pic.twitter.com/ORsKCXZzPv
Users were asked to upgrade their software, but the links in the emails redirected to malicious websites: in the website names, the letter “e” in the word “Trezor” was altered with a homoglyph. The fraudulent websites hosted software that was able to steal users’ funds by compromising their seed phrases.
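The homoglyph trick described above can be checked for mechanically before a link is trusted. The following Python sketch is an added example, not code from CoinLoan or Trezor: it folds each hostname label to the ASCII form a reader would perceive and flags non-ASCII labels that read as the brand. The function names, the small confusables map and the sample links are constructed for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

BRAND = "trezor"  # brand string taken from the article

# Small constructed map of Cyrillic/Greek look-alikes (assumption, not exhaustive).
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u03bf": "o", "\u03c1": "p",
}

def decode_label(label):
    """Turn an IDNA 'xn--' label back into Unicode; leave others unchanged."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label
    return label

def skeleton(label):
    """Fold a label to the ASCII form a reader is likely to perceive."""
    folded = []
    for ch in unicodedata.normalize("NFKD", label.lower()):
        if unicodedata.combining(ch):
            continue  # drop accents, dots below and other combining marks
        folded.append(CONFUSABLES.get(ch, ch))
    return "".join(folded)

def is_lookalike(hostname, brand=BRAND):
    """True if a non-ASCII label reads as the brand after folding."""
    for raw in hostname.lower().rstrip(".").split("."):
        label = decode_label(raw)
        if not label.isascii() and brand in skeleton(label):
            return True
    return False

def flag_links(urls, brand=BRAND):
    """Return the URLs whose host imitates the brand with homoglyphs."""
    return [u for u in urls if is_lookalike(urlsplit(u).hostname or "", brand)]

# Constructed sample links (reserved .example names, not from the incident).
SAMPLE_LINKS = [
    "https://suite.trezor.example/update",       # plain ASCII
    "https://tr\u1eb9zor.example/update",        # 'e' with dot below
    "https://suite.tr\u0435zor.example/update",  # Cyrillic 'e' look-alike
]

if __name__ == "__main__":
    for link in flag_links(SAMPLE_LINKS):
        print("suspicious:", link.encode("unicode_escape").decode())
```

A production filter would use the full Unicode confusables data rather than this short map, and would also compare against an allowlist of the brand's real domains.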
The Fraud Detection Team, the cybersecurity arm of CoinLoan, immediately detected the IP addresses behind the malicious web domains and disclosed their hosting providers. Once contacted, the hosting providers took the impersonating domains down.
When the attackers tried to switch to another batch of IP addresses, CoinLoan representatives flagged those as well. The team then submitted the binaries to VirusTotal and informed the global cybersecurity community of the danger.
The prompt reaction allowed crypto enthusiasts to reveal the vector of the failed attack: it was organized through MailChimp, a mainstream email marketing platform. An unknown “insider” accessed its internal mechanisms and organized the phishing campaign.
Lessons for crypto users’ privacy and security
Although it is obvious that Trezor had nothing to do with the attack, according to CoinLoan experts, this phishing attack should be a “wake-up call” for the industry. Even veteran and mainstream services are failing to protect the sensitive data, security and privacy of their customers.
Such failures, in turn, reduce the level of trust in crypto as a whole: the general public falls for the narrative that digital assets are associated with scams and frauds.
Bank-grade security practices like those used by CoinLoan can no longer be considered optional at this stage of the Web3 space’s evolution. The scam also clearly demonstrates that some noncustodial services are vulnerable to attacks that their custodial competitors are protected from.
While noncustodial services need to integrate marketing mechanisms from third-party vendors, CoinLoan implements the strictest data protection policies, which include multiple checks. This allows CoinLoan to guarantee that potential attackers will not be able to gain access to users’ funds and move them in an unauthorized manner.
Making digital assets lending mainstream: What is CoinLoan?
CoinLoan is an ecosystem of digital asset lending products that includes lending, borrowing, earning and swap modules. It allows crypto holders to benefit from their idle holdings.
By Q2 2022, CoinLoan had integrated dozens of assets, including veteran cryptos, large-cap and mid-cap altcoins, and DeFi tokens.
Users can deposit their crypto tokens, including USDT, USDC and TUSD stablecoins, to earn periodic rewards with up to 12.3% in APYs. Crypto holders can increase available APYs by staking CoinLoan’s native token, CLT.
Crypto holders can also use their crypto as collateral to obtain a loan, which eliminates the need to sell digital assets.
CoinLoan’s corporate module allows industrial crypto-friendly services to take part in lending/borrowing operations with Bitcoin (BTC) and major altcoins.