Foreword:
OKX Web3 has planned the "Security Special Issue" column to answer different types of on-chain security questions. Drawing on real cases that have happened to users, and working with experts and institutions in the security field, we share and answer from different perspectives, sorting out and summarizing the rules of safe transactions from the basic to the advanced. The aim is to strengthen user security education while helping users learn to protect their private keys and wallet assets themselves.
One day, someone suddenly gives you the private key to a wallet address worth $1 million. Would you want to transfer the money immediately?
If you would, then this article is tailor-made for you.
This article is issue 01 of OKX Web3's "Security Special Issue". We have invited two well-known security organizations in the crypto industry that have experienced "hundreds of frauds", the SlowMist Security Team and the OKX Web3 Security Team, to share based on real cases encountered by users. It is packed with practical content!
SlowMist Security Team: Thank you very much for the invitation from OKX Web3. As an industry-leading blockchain security company, SlowMist mainly serves customers through security audits and anti-money laundering tracking and tracing, and has built a solid threat intelligence cooperation network. In 2023, SlowMist assisted customers, partners and public hacking incidents to freeze funds totaling more than 12.5 million US dollars. I hope to continue to output valuable things with awe for the industry and security.
OKX Web3 Security Team: Hello everyone, I am very happy to share this. The OKX Web3 Security Team is mainly responsible for the security capacity building of the OKX Web3 wallet, providing multiple protection services such as product security, user security, and transaction security. While protecting the security of user wallets 24 hours a day, it contributes to maintaining the entire blockchain security ecosystem.
Q1: Can you share some real theft cases?
SlowMist Security Team: First, most of the cases are because users store private keys or mnemonics online. For example, users often use cloud storage services such as Google Docs, Tencent Docs, Baidu Cloud, WeChat Collection, and Memos to store private keys or mnemonics. Once these platform accounts are collected by hackers and successfully "crashed into the database", private keys can be easily stolen.
Second, after users download fake APPs, their private keys are leaked. For example, multi-signature scams are one of the most typical cases. Fraudsters induce users to download fake wallets and steal wallet mnemonics, and then immediately modify the account permissions of the user's wallet: the wallet account permissions are changed from the user himself to the user and the fraudster, thereby seizing the control of the wallet account. Such fraudsters tend to be patient and wait for the user's account to accumulate a certain amount of encrypted assets before transferring them all at once.
OKX Web3 Security Team: SlowMist has outlined two main situations in which private keys are stolen. The second type, in which fraudsters use fake APPs to steal user private keys, is essentially a Trojan program. This type of Trojan program steals user private keys by obtaining permissions to access user input methods, photos, etc. Compared with iOS users, Android users encounter more Trojan virus attacks. Here are two simple cases:
Case 1: A user reported that his wallet assets were stolen. After our team communicated with the user and investigated, we found that it was because he had previously downloaded and installed a disguised data platform software through Google search. This software is a Trojan program. However, when the user searched for the platform software, its link appeared in the top 5 of Google search, causing the user to mistakenly think it was the official software. In fact, many users do not distinguish the links provided by Google, so it is easy to encounter Trojan attacks in this way. We recommend that users perform daily security protection through firewalls, antivirus software, and Hosts configuration.
Case 2: A user reported that his wallet assets were stolen when investing in a DeFi project. However, through our analysis and investigation, we found that there was no problem with the DeFi project itself. User B's wallet assets were stolen because he was targeted by the official customer service of the DeFi project when he commented on the project on Twitter. Under the guidance of the fake customer service, he clicked and entered the fake link and entered the mnemonic, which led to the theft of wallet assets.
It can be seen that the fraudsters' methods are not sophisticated, but users need to improve their awareness of identification and should not easily disclose their private keys under any circumstances. In addition, our wallet has issued a security risk warning for the malicious domain name.
Q2: Is there an optimal way to keep private keys? What are the alternatives that can reduce the reliance on private keys?
SlowMist Security Team: Private keys or mnemonics are actually a single point of failure. Once stolen or lost, they are difficult to recover. At present, new technologies such as secure multi-party computation (MPC), social authentication technology, Seedless/Keyless, pre-execution and zero-knowledge proof technology are helping users reduce their dependence on private keys.
Take MPC as an example. First, MPC technology means that all participants perform complex joint calculations to complete a task, and their data remains private and secure and is not shared with other participants. Second, MPC wallets, generally speaking, use MPC technology to securely break a private key into multiple pieces, which are jointly managed by multiple parties; or simply multiple parties jointly generate a virtual key. The latter may be more common because no one has ever seen the complete private key at this time. In short, the core idea of MPC is to disperse control rights to achieve the purpose of dispersing risks or improving disaster preparedness, effectively avoiding security issues such as single point failures.
Note that MPC involves a word called Keyless, which can be understood as "without mnemonics" or "without private keys". But this "nothing" does not mean that there is no key in the actual sense, but that users do not need to back up mnemonics or private keys, and cannot perceive their existence. So about Keyless wallets, you need to understand these 3 points:
1. During the creation of a Keyless wallet, private keys will not be created or stored at any time or place.
2. When signing a transaction, private keys are not involved, and private keys will not be reconstructed at any time.
3. Keyless wallets will not generate or save complete private keys and seed phrases at any time.
OKX Web3 Security Team: There is currently no perfect way to keep private keys. However, our security team recommends using hardware wallets, hand-copying and saving private keys, setting up multi-signatures, and decentralized storage of mnemonics to manage private keys. For example, decentralized storage of mnemonics means that users can divide mnemonics into 2 or more groups for storage, reducing the risk of mnemonics being stolen. For another example, setting up multi-signature means that users can select trusted people to sign together to determine the security of the transaction. Of course, in order to ensure the security of the user's wallet private key, the entire underlying OKX Web3 wallet is not connected to the Internet. The user's mnemonics and private key related information are all encrypted and stored locally on the user's device. The relevant SDK is also open source and has been widely verified by the technical community, making it more open and transparent. In addition, the OKX Web3 wallet has also conducted strict security audits through cooperation with well-known security organizations such as SlowMist.
In addition, in order to better protect our users, the OKX Web3 security team is providing and planning more powerful security capabilities for private key management, and is continuously iterating and upgrading. Here is a brief sharing:
1. Two-factor encryption. At present, most wallets usually use the method of encrypting mnemonics with passwords and save the encrypted content locally. However, if the user is infected with a Trojan virus, the Trojan will scan the encrypted content and monitor the password entered by the user. If it is monitored by the scammer, the encrypted content can be decrypted to obtain the user's mnemonic. In the future, OKX Web3 wallet will use a two-factor method to encrypt mnemonics. Even if the scammer obtains the user's password through the Trojan, it cannot decrypt the encrypted content.
2. Private key copy security. Most Trojans will steal the information in the user's clipboard when the user copies the private key, resulting in the leakage of the user's private key. We plan to help users reduce the risk of private key information theft by increasing the security of the user's private key copying process, such as copying part of the private key, clearing the clipboard information in time, and other methods or functions.
Q3: Starting from the theft of private keys, what are the current common phishing methods?
SlowMist Security Team: According to our observation, phishing activities are gradually increasing every month.
First, current wallet thieves (Wallet Drainers) pose the main threat to current phishing activities, and continue to attack ordinary users in various forms.
Wallet Drainers are a type of malware related to cryptocurrency. This software is deployed on phishing websites to trick users into signing malicious transactions, thereby stealing user wallet assets. For example, the more active wallet thieves (Wallet Drainers) are:
1. Pink Drainer, which obtains Discord Token and conducts phishing through social engineering. Social engineering is generally understood as obtaining users' private information through communication.
2. There is also Angel Drainer, which will conduct social engineering attacks on domain name service providers. After obtaining the relevant permissions of the domain name account, Angel Drainer will modify the DNS resolution and redirect the user to a fake website, etc.
Secondly, the most common one is blind signature phishing. Blind signature means that when a user interacts with a project, he does not know what he needs to sign or authorize, so he clicks on the confirmation button without knowing what, which leads to the theft of funds. Regarding blind signature phishing, let us give a few examples:
Case 1: For example, eth_sign. eth_sign is an open signature method that allows any hash to be signed, which means that it can be used to sign transactions or any data. It is difficult for users without technical foundation to understand the content of the signature, so there is a certain risk of phishing. Fortunately, more and more wallets have begun to provide security reminders for this type of signature, which can avoid some financial losses to a certain extent.
Case 2: permit signature phishing. We all know that in ERC20 currency transactions, users can call the approve function for authorization, but the permit function allows users to generate signatures off-chain and then authorize designated users to use a certain amount of tokens. Attackers use the permit method to phish. When the victim visits the phishing website, the attacker asks the user to sign the permit authorization through the website. After the user signs, the attacker can get the signed data. The attacker calls the permit function of the token contract and passes in the signature data and then broadcasts it to the chain to obtain the authorization amount of the token, thereby stealing the user's token.
Case 3: Hidden create2 technique. Create2 allows developers to predict the address of the contract before deploying it to the Ethereum network. Based on create2, attackers can generate temporary new addresses for each malicious signature. After deceiving the user to grant permission to sign, the attacker can create a contract at this address and transfer the user's assets. Because it is a blank address, these addresses can bypass some phishing plug-ins and security companies' monitoring alarms, so they are very hidden and users are easily fooled.
In short, for phishing websites, users can identify the official website of the project before interacting, and pay attention to whether there are malicious signature requests during the interaction, and should be wary of submitting mnemonics or private keys, and remember not to leak mnemonics or private keys anywhere.
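The eth_sign and permit cases above can be made visible to the user before the confirm button appears. The following is an added example, not part of the interview and not code from SlowMist or OKX; the function names, the 30-day deadline threshold and the sample request with placeholder addresses are assumptions.

```javascript
// Added example: summarize a signature request before the confirm button is shown.
const MAX_UINT256 = (1n << 256n) - 1n;
const PERMIT_FIELDS = ["owner", "spender", "value", "nonce", "deadline"]; // EIP-2612
const LONG_DEADLINE_SECONDS = 30n * 24n * 60n * 60n; // assumption: 30 days counts as long

// Turn an EIP-2612 Permit message into plain language plus warnings.
function reviewPermit(typedData, nowSeconds) {
  const { domain, message } = typedData;
  const value = BigInt(message.value);
  const deadline = BigInt(message.deadline);
  const warnings = [];
  if (value === MAX_UINT256) warnings.push("unlimited allowance");
  if (deadline - BigInt(nowSeconds) > LONG_DEADLINE_SECONDS) {
    warnings.push("signature stays usable for more than 30 days");
  }
  const amount = value === MAX_UINT256 ? "an unlimited amount" : `${value} base units`;
  return {
    kind: "permit",
    risk: "high",
    summary: `Signing lets ${message.spender} spend ${amount} of token ` +
      `${domain.verifyingContract} held by ${message.owner}. The signature is ` +
      `given off-chain and whoever holds it can submit it later.`,
    warnings,
  };
}

function reviewSignRequest(method, params, nowSeconds = Math.floor(Date.now() / 1000)) {
  if (method === "eth_sign") {
    // params = [account, 32-byte hash]. The hash may be the digest of a transaction,
    // so there is nothing meaningful to show the user.
    return { kind: "raw-hash", risk: "high",
      summary: `Opaque hash ${params[1]}: its meaning cannot be displayed.`,
      warnings: ["blind signature"] };
  }
  if (method === "eth_signTypedData_v4") {
    const td = typeof params[1] === "string" ? JSON.parse(params[1]) : params[1];
    const fields = ((td.types || {}).Permit || []).map((f) => f.name);
    // Only treat the request as a permit when every EIP-2612 field is really present.
    const isPermit = td.primaryType === "Permit" &&
      PERMIT_FIELDS.every((n) => fields.includes(n) && n in (td.message || {}));
    if (isPermit) return reviewPermit(td, nowSeconds);
    return { kind: "typed-data", risk: "medium",
      summary: `Typed message of type ${td.primaryType}; show every field to the user.`,
      warnings: [] };
  }
  return { kind: "other", risk: "medium", summary: `Unreviewed method ${method}`, warnings: [] };
}

// Constructed sample request with placeholder addresses (not from the page).
const OWNER = "0x" + "11".repeat(20);
const SAMPLE_PERMIT = {
  types: {
    EIP712Domain: [
      { name: "name", type: "string" }, { name: "version", type: "string" },
      { name: "chainId", type: "uint256" }, { name: "verifyingContract", type: "address" },
    ],
    Permit: [
      { name: "owner", type: "address" }, { name: "spender", type: "address" },
      { name: "value", type: "uint256" }, { name: "nonce", type: "uint256" },
      { name: "deadline", type: "uint256" },
    ],
  },
  primaryType: "Permit",
  domain: { name: "Example Token", version: "1", chainId: 1,
    verifyingContract: "0x" + "33".repeat(20) },
  message: { owner: OWNER, spender: "0x" + "22".repeat(20),
    value: MAX_UINT256.toString(), nonce: "0", deadline: "1731536000" },
};
console.log(reviewSignRequest("eth_signTypedData_v4",
  [OWNER, JSON.stringify(SAMPLE_PERMIT)], 1700000000));
```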
OKX Web3 Security Team: We have studied common phishing methods and provided multi-dimensional security protection on the product side. I will briefly share the main types of phishing methods that users have encountered so far:
The first type, fake airdrops. Hackers generally generate addresses with similar beginnings and ends for the victim's address, and make small transfers, 0U transfers, or airdrops of fake token transfers to users. Such transactions will be displayed in the user's transaction history. If the user accidentally copies and pastes the wrong address, it will cause asset losses. For this type of attack, the OKX Web3 wallet can identify its historical transactions and mark them as risk tags. At the same time, when users transfer money to its address, they will be prompted with security risk warnings.
The second type is the induced signature type. Usually hackers will comment on Twitter, Discord, TG and other public places of well-known projects, and post fake DeFi project URLs or airdrop URLs to induce users to click, thereby stealing user assets. In addition to the signature phishing mentioned by SlowMist, such as eth_sign, permit, create2, there are also some:
Method 1: Directly transfer and steal main chain tokens. Hackers often give malicious contract functions misleading names such as Claim and SecurityUpdate, while the actual function logic is empty, thus only transferring the user's main chain tokens. Currently, the OKX Web3 wallet has launched the pre-execution function, which can display the asset changes and authorization changes after the transaction is on the chain, and provide security risk warnings to users.
Method 2: On-chain authorization. Hackers usually induce users to sign approve / increaseAllowance / decreaseAllowance / setApprovalForAll transactions, which allow hackers to transfer the user's token assets to a specified address and monitor the user's account in real time after the user signs. Once the corresponding assets are transferred in, they will be transferred away immediately. The security protection process against phishing is a confrontation and a continuous upgrade process.
Although most wallets will perform security risk detection on the hacker's authorized address, the attacker's attack method is also upgrading. For example, using the characteristics of create2, the attacker will pre-calculate the new address. Because the new address is not in the safe black address library, it can easily bypass security detection. The attacker will wait until someone takes the bait, then go to the address to deploy the contract and transfer the user's funds. For example, we have recently discovered that many attackers will make users authorize the uniswap.multicall contract. Because this contract is a contract of a formal project, it can also bypass the detection of security products.
Method 3: Permission change, including Tron permission change and Solana permission change. First, in Tron permission change, multi-signature is a feature of the Tron chain. On many phishing websites, phishers will disguise the transaction of changing account permissions as a transfer transaction. If the user accidentally signs this transaction, the user's account will become a multi-signature account, and the user will lose control of his account. Second, in Solana permission change, the phisher will use SetAuthority to modify the Owner of the ATA account of the user's token. Once the user signs this transaction, the owner of the ATA account will become the phisher, so that the phisher can get the user's assets.
Other methods: In addition, due to the design mechanism of the protocol itself and other problems, it is also easy to be exploited by phishers. Based on the queueWithdrawal call of EigenLayer, the middleware protocol of Ethereum, other addresses can be specified as withdrawers. The user was phished and signed the transaction. Seven days later, the specified address obtained the user's pledged assets through completeQueuedWithdrawal.
The third category is uploading mnemonics. Attackers usually provide disguised airdrop projects or fake new listing tools to induce users to upload private keys or mnemonics. See the above for specific cases. In addition, sometimes they will disguise themselves as plug-in wallet pop-ups to induce users to upload mnemonics.
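Methods 1 and 2 above both come down to calldata the user never reads. The following is an added example, not part of the interview and not OKX wallet code, that decodes the authorization calls named above and checks the spender against the user's own allowlist, since a freshly computed create2 address will not be on any blocklist. The function names, the allowlist parameter and the sample transaction with placeholder addresses are assumptions.

```javascript
// Added example: decode authorization calls before signing (names are illustrative).
// Keys are the standard 4-byte selectors of the ERC-20 / ERC-721 functions named above.
const AUTH_SELECTORS = new Map([
  ["095ea7b3", { name: "approve", types: ["address", "uint256"] }],
  ["39509351", { name: "increaseAllowance", types: ["address", "uint256"] }],
  ["a457c2d7", { name: "decreaseAllowance", types: ["address", "uint256"] }],
  ["a22cb465", { name: "setApprovalForAll", types: ["address", "bool"] }],
]);
const MAX_UINT256 = (1n << 256n) - 1n;

// Decode one 32-byte ABI word (64 hex characters) as a static type.
function decodeWord(word, type) {
  if (type === "address") return "0x" + word.slice(24);
  if (type === "bool") return BigInt("0x" + word) !== 0n;
  return BigInt("0x" + word); // uint256
}

// tx: { to, value, data } hex strings as passed to eth_sendTransaction.
// trustedSpenders: Set of lowercase addresses the user has reviewed (assumed allowlist).
function reviewTransaction(tx, trustedSpenders) {
  const data = (tx.data || "0x").toLowerCase().replace(/^0x/, "");
  const value = BigInt(tx.value || "0x0");
  const entry = AUTH_SELECTORS.get(data.slice(0, 8));
  const warnings = [];

  if (!entry) {
    // A call that moves native tokens through a function the wallet cannot decode
    // (the "Claim" / "SecurityUpdate" pattern) should show the amount leaving.
    if (data.length >= 8 && value > 0n) {
      warnings.push(`sends ${value} wei to ${tx.to} through an undecoded function`);
    }
    return { action: "unknown", warnings };
  }

  const body = data.slice(8);
  if (body.length < 64 * entry.types.length || !/^[0-9a-f]+$/.test(body)) {
    return { action: entry.name, warnings: ["malformed calldata, do not sign"] };
  }
  const [spender, second] = entry.types.map((type, i) =>
    decodeWord(body.slice(64 * i, 64 * (i + 1)), type));

  // decreaseAllowance and setApprovalForAll(..., false) reduce rights; the rest grant them.
  const grants = entry.name === "setApprovalForAll"
    ? second
    : entry.name !== "decreaseAllowance" && second > 0n;
  if (grants && !trustedSpenders.has(spender)) {
    warnings.push(`grants spending rights to unreviewed address ${spender}`);
  }
  if (entry.name === "setApprovalForAll") {
    if (second) warnings.push(`covers every token in collection ${tx.to}`);
  } else if (grants && second === MAX_UINT256) {
    warnings.push("unlimited allowance");
  }
  return { action: entry.name, token: tx.to, spender, amount: second, grants, warnings };
}

// Constructed sample: approve(spender, 2^256 - 1) on a placeholder token address.
const SPENDER = "0x" + "22".repeat(20);
const SAMPLE_TX = {
  to: "0x" + "33".repeat(20),
  value: "0x0",
  data: "0x095ea7b3" + "0".repeat(24) + "22".repeat(20) + "f".repeat(64),
};
console.log(reviewTransaction(SAMPLE_TX, new Set()).warnings);
```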
Q4: Differences in hot wallet and cold wallet attack methods
OKX Web3 Security Team: The difference between hot wallets and cold wallets is that the private keys are stored in different ways. The private keys of cold wallets are generally stored offline, while hot wallets are usually stored in a network environment. Therefore, the security risks for cold wallets and hot wallets are different. The security risks of hot wallets have been very comprehensive above, so I will not expand on them. The security risks of cold wallets mainly include: First, social engineering and physical attack risks, and transaction process risks. Regarding social engineering and physical attack risks, since cold wallets are usually stored offline, there may be attackers who use social engineering means to disguise themselves as relatives or friends to access cold wallets. Second, as a physical device, it may be damaged or lost. Regarding transaction process risks, during the transaction process, cold wallets will also encounter the various airdrops, induced signatures and other attack methods mentioned above.
Q5: As mentioned at the beginning, "giving away high-value wallet private keys", what other alternative phishing traps are there?
SlowMist Security Team: Yes, "deliberately giving away high-value wallet private keys" is a very classic case. It has appeared many years ago, but people are still deceived until now. This scam is actually the scammer deliberately leaking the private key mnemonic. After you import the private key mnemonic into the wallet, the attacker monitors your wallet at all times. Once you transfer ETH, it will be transferred to you immediately. This kind of method takes advantage of the user's greed for small gains. The more people import, the higher the handling fee, and the greater the loss.
Secondly, some users will think "I have nothing worth attacking", and this low defense mentality will make users vulnerable to attacks. Anyone's information (such as email, password, bank information, etc.) is valuable to attackers. Some users even think that as long as they don't click on the link in the spam, they will not be threatened, but some phishing emails may implant malware through pictures or attachments.
Finally, we need to have an objective understanding of "security", that is, there is no absolute security. Moreover, the methods of phishing attacks have evolved in many ways and developed very quickly. Everyone should continue to learn and improve their own security awareness to be the most reliable.
OKX Web3 Security Team: Preventing third-party phishing traps is indeed a complex issue, because phishers often take advantage of people's psychological weaknesses and common security negligence. Many people are usually very cautious, but when they encounter a sudden "big pie", they often relax their vigilance and magnify their greedy characteristics, which leads to being deceived. In this process, the weaknesses of human nature will be greater than technology. Even if there are more security measures, users will ignore them in the short term. In retrospect, they will find that they have been deceived. We must be clear that "there is no free lunch in the world". Always pay attention to raising vigilance and paying attention to security risks, especially in the dark forest of blockchain.
Q6: Suggestions for users to improve private key security
SlowMist Security Team: Before answering this question, let’s first sort out how general attacks steal users’ assets. Attackers generally steal users' assets in the following two ways:
Method 1: Trick users into signing malicious transaction data for stealing assets, such as tricking users into authorizing or transferring assets to attackers.
Method 2: Trick users into entering wallet mnemonics on malicious websites or apps, such as tricking users into entering wallet mnemonics on a fake wallet page.
After knowing how attackers steal wallet assets, we must prevent possible risks:
Prevention 1: Try to do what you see is what you sign. It is said that wallets are the key to the Web3 world. The most important thing for user interaction is to refuse blind signing. Before signing, you must identify the signed data and know what the transaction you are signing is for, otherwise give up signing.
Prevention 2: Don't put all your eggs in the same basket. Through the different assets and the frequency of use, the wallet can be managed in a hierarchical manner to keep the risk of assets under control. Wallets participating in activities such as airdrops are used frequently, so it is recommended to store small assets. Large assets are generally not used frequently. It is recommended to put them in cold wallets and ensure that the network environment and physical environment are safe when using them. If you have the ability, use hardware wallets as much as possible. Since hardware wallets generally cannot directly export mnemonics or private keys, the threshold for the theft of mnemonics and private keys can be increased.
Prevention 3: Various phishing techniques and events are emerging in an endless stream. Users must learn to identify various phishing techniques on their own, improve safety awareness, educate themselves to avoid being deceived, and master self-rescue capabilities.
Prevention 4: Don't be anxious or greedy, and verify from multiple parties. In addition, if users want to learn more about asset management solutions, they can refer to the "Crypto Asset Security Solution" produced by SlowMist. To learn more about safety awareness and self-education, they can refer to the "Blockchain Dark Forest Self-Rescue Manual".
OKX Web3 Security Team: As the only credential for accessing and controlling the encrypted assets in the wallet, it is crucial to protect the security of the wallet private key.
Prevention 1: Understand your DApp. When investing in on-chain DeFi, you must have a comprehensive understanding of the DApp you are using to prevent asset losses caused by accessing fake DApps. Although our OKX Web3 wallet has conducted risk detection and prompts for DApps with multiple strategies, attackers will continue to update their attack methods and bypass security risk detection. Users must keep their eyes open when investing.
Prevention 2: Understand your signature. When signing on-chain transactions, users must confirm the transactions and ensure that they understand the details of the transactions. They must be cautious about transactions that they do not understand and do not sign blindly. The OKX Web3 wallet will parse on-chain transactions and offline signatures, simulate execution, and display the results of asset changes and authorization changes. Users can focus on the results before trading to see if they meet expectations.
Prevention 3: Understand the software you download. When downloading auxiliary trading and investment software, make sure it is downloaded from the official platform, and use antivirus software to scan it in time after downloading. If you download malicious software, the Trojan will obtain the user's mnemonic or private key by means of screenshots, clipboard monitoring, memory scanning, uploading cache files, etc.
Prevention 4: Improve security awareness and keep private keys properly. Try not to copy mnemonics, private keys and other important information, do not take screenshots, and do not save such information to a third-party cloud platform.
Prevention 5: Strong passwords & multi-signatures. In the process of using passwords, users should increase the complexity of passwords as much as possible to prevent hackers from blasting them after obtaining private key encrypted files. During the transaction process, if there is a multi-signature mechanism, multi-signatures must be used. In this way, if one party's mnemonic or private key is leaked, it will not affect the overall transaction.