Update of September 1, 11:30 p.m. UTC: This article has been updated to include information from the Director of Information Security of Halborn.
Last month, crypto user and NFT artist Princess Hypio told her followers that she had lost $170,000 in crypto and non-fungible tokens after a scammer convinced her to play a game with them on Steam.
While she was playing “without thinking” with the scammer, they secretly stole her funds and hacked her Discord. The same tactic was used on three of her other friends, she wrote in a post on X on August 21.
It turns out that the tactic has existed for some time and is known to some as the “try my game” scam, which users have reported for years in different forms.
Speaking to Cointelegraph, Kraken’s security director Nick Percoco said these methods have become an increasingly popular form of attack.
“Try my game” Hack: how it works
The crypto version of the scam involves a hacker joining a Discord server or group and lurking, learning how users interact with each other and later using this information to gain trust.
The hacker then asks users whether they hold any crypto or NFTs, often posing questions to assess the digital assets they may have. In the case of Princess Hypio, she had a Milady NFT, which resulted in her being targeted.
After identifying a target with crypto, the hacker invites the victim to play a game, sending a link to a server with Trojan malware that gives access to the user’s device, which allows them to steal personal information and drain connected wallets.
In the case of Princess Hypio, the ruse involved convincing her to download a game on Steam by offering to buy it for her. The game itself was safe, but the server on which the game was hosted was malicious.
She lost $170,000 in the attack, she said.
It comes only days after Discord published its deceptive practices policy explainer, warning that promoting or carrying out financial scams on the social platform violates its terms of use.
“These scams do not exploit the code; they exploit confidence. The attackers pretend to be friends and put pressure on people to take measures that they would not normally take,” said Percoco.
“The greatest vulnerability of crypto is not code; it is confidence. The crooks exploit the community spirit and curiosity to enjoy good intentions.”
The attackers embed themselves in communities, learn the culture, imitate trusted friends, then strike, he said.
Gabi Urrutia, director of information security at cybersecurity company Halborn, told Cointelegraph that the scam combines social engineering with malware, and although it is not “very sophisticated,” it is insidious due to “its breach of confidence among the members of a community.”
“It is not as important as traditional phishing in volume, but it is more and more frequent in Web3 and gaming communities, where there is a mixture of peer-to-peer trust and high-value assets,” he said.
“The key here is psychological manipulation: the attacker begins to be part of the community, learns the slang and presents himself as a friend of a friend.”
Scam tactic moving beyond crypto
In February, a user under the handle Raetheraven posted on the Malwarebytes forum that they had fallen prey to “the infamous scam” after someone they thought was a friend sent a link. A Reddit forum that started in July also warned against scams targeting players.
Percoco told Cointelegraph that while the crypto industry tends to see these scams first, the tactic spreads to other sectors.
He said that the best way to avoid being lured in is to have a “healthy skepticism,” to confirm identities through another channel, to avoid running unknown software and to remember that “doing nothing is safer than making a risky step.”
“If something feels rushed, generous or too beautiful to be true, it almost always is. Do not trust, check.”
Urrutia said that defending against this scam involves very specific habits, such as stopping to think before signing anything, keeping privileges to a minimum and avoiding using the same device for gaming and wallet management.
“And on the community side, there is also a lot to do: limit direct messages of foreigners, check the new members and strengthen the culture of security. In the end, the great challenge is not technological, but cultural,” he added.
Fake recruitment campaigns even worse
However, Percoco also said that even though Discord scams are increasing, a more widespread trend in crypto currently involves fake recruiters.
In a recent case in June, a North Korea-aligned threat actor targeted job seekers in the crypto industry with malware designed to steal passwords for crypto wallets and password managers.
“The identity theft of Discord is increasing rapidly, but the most widespread trend we follow today is false recruitment campaigns where victims are attracted to job offers and are deceived by phishing links,” said Percoco.
Meanwhile, Urrutia said that the largest volume of scams that Halborn has seen involves blind signing, approval phishing and similar, but they are all “developments of the same idea: not steal the key by force, but so that the user voluntarily puts it back.”
“A recent and very publicized case was the attack on the statement, where the attackers took advantage of the blind signatures and the mismanagement of the authorization to drain the funds.”