The famous crypto site CoinMarketCap was recently attacked, not for its data, but for installing a fake coin there in order to lure users into a trap.
The attack on CoinMarketCap
First of all, the hacker have created an account for their project on CoinMarketCap, renaming it to CoinMarketCap, the namesake of the site itself.
At this point, they inserted a link leading to a site that claimed to be that of CoinMarketCap, apparently appearing very similar and credible, but which was actually under their control. The tokens were sold on this site.
The hackers then managed to break into CoinMarketCap’s CryptTown social network. There they created a series of verified accounts with which they published messages indicating that they were selling tokens.
Thus, the comments about the sale of the fraudulent token seemed to come from the official account of CoinMarketCap, as if it were the site itself that promoted the sale of token.
The home page of the phishing was posted online overnight, according to European time. In this way, it would take some time for the team to intervene and remove it. In addition, the hacker immediately began to advertise it in a massive way.
The fraud happened on the Ethereum and BSC blockchain. Dmitry Mishunin, the founder and CEO of HashEX an auditor of smart contract discovered and published this information.
Thus showing that the hackers managed to collect about 12 ETH and 192 BNB from different investors who were not aware of the fraud.
Some tips to avoid cryptocurrency fraud
Cryptocurrency fraud remains a big problem in the ecosystem.
Indeed, whether in this form or more violent attacks against a site such as in the case of Fuse Lending, which suffered a $ 4.6 million hack, there are many cases of hacking.
The first rule, like everything you can read on the internet, is to cross the sources. When a site or an ad talks about a project, it is important to find out if other more expert sites also talk about this project.
Then, when a project interests you, you have to look for certain elements that show the seriousness of it. As an internet site without fail and generally possessing a white paper serious. In addition, it is very important to be able to access the identity of the creators, some serious projects do not disclose this, but overall it is an additional guarantee of assurance.
Another point, most cases of fraud involve insecure websites. If the icon of a padlock does not appear in the address bar next to the website, it is not safe to be on this site. In addition, also check if the URL uses “https” and not “http”, as the latter is not secure.
In the case of the CoinMarketCap scam, Mishunin notes that “ the intruders offered to simply send money to a third-party address. » This is often a telltale sign of a scam. Especially when they ask to send crypto to an address and they will send crypto back. “It is unlikely that such a large company will make a sale without a smart contract and by connecting a wallet on the site ”, added the CEO of HashEx.
To go further you can read our article on the American business ethics office. They ranked cryptocurrency as the second most dangerous type of scam in 2021.
They crypto scams remain a big problem in the crypto ecosystem, with an increase in new investors. However, keeping in mind a few simple security rules valid for any online investment, it is possible to invest and learn about cryptocurrencies without much danger. Our last tip is based on the legendary phrase ” too good to be true ».
Receive a digest of the news in the world of cryptocurrencies by subscribing to our new service ofdaily and weekly so you don’t miss anything essential Cointribune!
Observer of the monetary, economic and social revolution.