Fraud Fighters: How crypto companies can stay one step ahead of the scammers

gepubliceerd op by Cryptoslate | gepubliceerd op

Vermeld in dit artikel
2019 was another banner year for crypto fraud that will continue to adversely impact prices of Bitcoin and Ethereum going forward as Ponzi scheme PlusToken unwinds.

2020 is picking up where its predecessor left off, with the $2.5 million MoonPay exploit of IOTA's wallet showing that crypto fraud remains endemic.

The dollar value of the Trinity scam, which saw MoonPay's content delivery network exploited to serve up malicious SDKs to IOTA wallet users, is a fraction that of PlusToken.

The hack, derived from a vulnerability that lay unpatched for three months, has sent shockwaves not only through the IOTA community but through that of all the crypto projects that have integrated MoonPay's technology.

8.55 Ti in IOTA tokens, worth around $2.5 million, were stolen by the attacker, with an investigation by the IOTA Foundation finding that the fault lay in "Illicit versions of Moonpay's software development kit, which was being loaded automatically from Moonpay's servers when a user opened Trinity. The code was loaded into the local Trinity instance, and, after the user's wallet was unlocked, decrypted the user's seed and sent the seed and password to a server controlled by the attacker."

A significant portion of the stolen funds has already been laundered using a basket of different fraud strategies to obfuscate movements and exchange crypto funds for clean fiat.

There are ways that exchanges can improve faith and confidence in their fraud prevention efforts while fighting back against these actors intent on cashing out and crashing the market.

The implementation of KYC checkpoints makes it easier to spot fraud before it exposes exchanges to regulatory risks.

Wallet providers and other industry stalwarts should choose their payment partners wisely, focusing on reputable companies that will support their attempts to thwart crypto criminals.

A joined-up approach is required, with crypto companies, including exchanges and payment gateways, working closely to identify and combat fraud.

x