Never reuse passwords, use two-factor authentication, don’t share personal information online. All of this is sound reasonable (and is in fact good advice!) but where it comes from isn’t as widely known.

The most recent Darknet Diaries episode gives some insight into the current black-hat scene and in particular into how hackers steal cryptoassets. It illustrates the motivation between best practices nicely, and points to what we can do to protect ourselves further.

Many people don’t themselves hold the keys to their crypto. Instead they keep their crypto with brokers, which keep the keys in a centralized location and facilitate transfers and trading. This requires less knowledge than using your own wallet, and is the most convenient way to buy and exchange crypto assets. Unfortunately, entrusting a 3rd party with your private keys has risks. If an attacker can successfully impersonate you, they can instruct the broker to transfer your funds into their own wallet. All brokers (that I know off) require TFA, which makes the attacker’s job more difficult, but not impossible. They will first need to find usernames of potential targets. Then they have to get the password. And finally, if the target uses SMS-based authentication, the attacker can perform a SIM swap to intercept the TFA code which will grant them access to the target’s funds.

Finding Targets

As we will see, gaining access to a wallet requires an up-front investment and takes time. That’s why attackers want to identify lucrative targets beforehand. Sometimes people make that easy simply by bragging about how much crypto they own. But a much larger list of potential targets can be obtained by looking through leaked databases of some hardware wallet sellers. If someone is willing to invest in a hardware wallet, they are more likely to have more substantial crypto holdings1. Those databases contain email addresses, giving the attacker usernames of potential targets. One down, two to go.

Getting User Profiles

Equipped with the email adreses, the attacker can get the password by taking advantage of previous data leaks. If there is some account which uses this email address on a site that has been compromised, the attacker can just try that password with the crypto broker. If the target used the same password, the attacker will now be asked for a TFA code. Two down, one to go.

At this point, the broker will typically show a message like “A verification ncode has been send to the phone number ending with XXXX-XXX-XXX-24”. This is useful for the attacker in two ways. Firs, it lets them know that the target (we can drop ‘potential’ if we got so far) uses text-based authentication instead of an authenticator app. Second, it can be used to verify a phone number obtained through research.

To perform a SIM swap, the target’s phone number and mobile carrier are needed.

I’m not that clear on how you find out someone’s phone number. I think it’s some combination of social media research and database lookups on freely available background checking tools. Once you’ve got the phone number, however, it is easy to look up which carrier it belongs to, since different carriers use different formats for numbers.

Overcoming TFA

Sim swaps are hard since they are based on physical theft. Someone needs to walk into the shop of a carrier, snatch the storemanager’s tablet, and use it to transfer the target’s phone number to another sim. For this to work, the attacker needs to know the storemanager’s password, which he can get, for example, through social engineering. Stores are working on dealing with this problem and are usually able to lock a tablet within 10 minutes, but that is enough to make the swap, get the authentication code and authorize a transfer of funds. Three down.

Overcoming Withdrawal Limits

There is an aditional hurdle for the attacker. By default, there are limits to how much money can be transferred out of an account on any given day. However, apparently some (?) brokers currently have exploitable vulnerabilities which make it possible for an authenticated user to withdraw more than the limit.

Security Recomendations

Now that we know how an attack looks like, how do we protect ourselves?

  • Don’t make it known that you hold crypto. (Same for all other forms of wealth, for that matter).
  • If possible, buy a hardware wallet anonymously.
  • Whenever possible, keep your crypto in an offline wallet you control. A hardware wallet is probably best, but I don’t feel competent enough to give advice here.
  • If you have to use a broker, make sure you set withdrawal limits2.
  • Don’t reuse passwords. Reused passwords are the basis for many attacks.
  • Use a password manager, and long, random passwords.
  • Don’t share personal information publicly.
  • Use a dedicated email address for your broker account.
  • Whenever possible, use an authenticator app instead of an SMS authentication code3.

Some of these pieces of advice are harder/less realistic to implement fully than others. Implementing some is much better than doing nothing. And, of course, it is easy to see how many pieces of advice generalize to other types of attack, so they might apply even if you don’t hold any crypto.

  1. But why should someone who has a hardware wallet also have crypto in an exchange? ‘Drew’ doesn’t go into this, but my guess is that people do this because they want to have some crypto available for trading. Also carelessness and comfort may get the better of you after a while, even if you committed to good opsec when getting into crypto. 

  2. The vulnerabilities I mentioned are continuously being fixed. You might get lucky and get an attacker who doesn’t know the current ones. 

  3. FreeOTP+ is an option for Android, freely available from F-Droid and the PlayStore.