On March 2, 2020, Amsterdam-based cybersecurity company ThreatFabric released a report on a new threat to the crypto community, the "Cereberus" Trojan horse virus.
- Popular Science | Blockchain Security Getting Started Notes (4)
- February security incident inventory: 12 incidents lost a total of 48.23 million US dollars, bZx was attacked by hackers
- Interview | Weizhong Bank Blockchain Security Scientist: Strictly adhere to the privacy data red line, business innovation compliance
- Blockchain security | APT attacks against a blockchain digital cryptocurrency trading platform
- Hardcore: Declassified U.S. Department of Justice sues Chinese OTC acceptor for money laundering
- Security Monthly Report | 16 security incidents occurred in November, with losses of nearly US $ 56 million
According to their report, Cereberus was able to steal the two-factor authentication code generated by the Google Verification application, which is used to secure online banking and email accounts, as well as cryptocurrency accounts on some exchanges.
Cereberus was first discovered in June last year, but has become a more serious threat since it was updated in mid-January this year.
Once the virus is installed on the device, it can download everything to a remote location, which can then be accessed by any number of fraudsters or criminals.
What's more, Coinbase is also on this Trojan's main target list among the potential list of 25 cryptocurrency exchanges being attacked.
Cereberus Trojan virus targets major cryptocurrency exchanges
Like other types of malware, this Trojan horse is also designed to disrupt the security features of a device or network.
The Cereberus virus works by stealing a two-factor authentication code (2FA) and providing it to anyone behind the attack. Most importantly, the virus can also steal PINs and swipe unlock patterns from infected devices, allowing malicious actors to access any content that exists on the device.
Cereberus is one of three other major threats that have recently appeared against 26 cryptocurrency exchanges. In addition to Coinbase, Xapo, Bitpay, Binance and Wirex are also on the list of potential targets.
Fortunately, the best way to prevent cyber attacks on your cryptocurrencies is to use a physical authentication key instead of a digital key that can be accessed remotely. The only way for a fraudster to obtain a physical key is to actually gain access to the device itself. As a result, the possibility of an attack is greatly reduced.
Safety is important
As Cryptopotato recently reported, $ 45 million worth of Bitcoin and Bitcoin Cash held by a whale user was stolen by an attacker through a so-called SIM card attack.
This underscores the importance of careful security measures. For a large number of cryptocurrencies, it is recommended to always keep them in a hardware wallet that is not connected to the internet. At the same time, seed phrases and private keys must be secured.
Don't store a large amount of cryptocurrencies on the exchange, and remember a popular phrase in the currency circle: "Not your key, not your bitcoin." This sentence also applies to other digital currencies.