On March 2, 2020, Amsterdam-based cybersecurity company ThreatFabric released a report on a new threat to the crypto community, the "Cereberus" Trojan horse virus.
- Security Monthly Report | More than 17 typical security incidents occurred in March, the prospects and risks of Ethereum Defi coexist
- Breaking the Impossible Triangle of the Blockchain (6)-Blowing a Whistle on the Activity of the Blockchain
- Wuzhen·blockchain security has been put on a new height, how to protect the security boundary?
- In 2019, currency-related crimes caused US $ 6 billion in losses, and US $ 1 billion in BTC for the dark web
- zkSNARKs contract library "input pseudonym" vulnerability, many mixed currency projects
- Restore 28,000 bitcoins behind the lost Rashomon
According to their report, Cereberus was able to steal the two-factor authentication code generated by the Google Verification application, which is used to secure online banking and email accounts, as well as cryptocurrency accounts on some exchanges.
Cereberus was first discovered in June last year, but has become a more serious threat since it was updated in mid-January this year.
Once the virus is installed on the device, it can download everything to a remote location, which can then be accessed by any number of fraudsters or criminals.
What's more, Coinbase is also on this Trojan's main target list among the potential list of 25 cryptocurrency exchanges being attacked.
Cereberus Trojan virus targets major cryptocurrency exchanges
Like other types of malware, this Trojan horse is also designed to disrupt the security features of a device or network.
The Cereberus virus works by stealing a two-factor authentication code (2FA) and providing it to anyone behind the attack. Most importantly, the virus can also steal PINs and swipe unlock patterns from infected devices, allowing malicious actors to access any content that exists on the device.
Cereberus is one of three other major threats that have recently appeared against 26 cryptocurrency exchanges. In addition to Coinbase, Xapo, Bitpay, Binance and Wirex are also on the list of potential targets.
Fortunately, the best way to prevent cyber attacks on your cryptocurrencies is to use a physical authentication key instead of a digital key that can be accessed remotely. The only way for a fraudster to obtain a physical key is to actually gain access to the device itself. As a result, the possibility of an attack is greatly reduced.
Safety is important
As Cryptopotato recently reported, $ 45 million worth of Bitcoin and Bitcoin Cash held by a whale user was stolen by an attacker through a so-called SIM card attack.
This underscores the importance of careful security measures. For a large number of cryptocurrencies, it is recommended to always keep them in a hardware wallet that is not connected to the internet. At the same time, seed phrases and private keys must be secured.
Don't store a large amount of cryptocurrencies on the exchange, and remember a popular phrase in the currency circle: "Not your key, not your bitcoin." This sentence also applies to other digital currencies.