This one is for now a bit low-key of a headline, but I'll share it with you guys.
Crypto enthusiasts have, over the past few months, noticed that an unknown party has been slowly and methodically draining coins and tokens from many wallets across several different blockchains. The attacks are quite sophisticated. They seem to involve malicious tokens being dropped into wallets, but the accounts being targeted aren't the victims of like, link-swap scams or anything so common as that. Whoever it is seems to have a MASSIVE list of wallet keys gathered from many sources over potentially years, and is now taking their time going through them all, and no one has been able to find any commonalities that connect all of the compromised wallets.
The campaign is using curious tactics, like transferring the small amounts in one of a victim's wallets to another, and then another, or even from one victim's wallet to another victim's wallet and so on, until a threshold amount is reached and the coin is actually cleaned out. Days, weeks, or months later, the attacker often returns to the compromised wallets to collect anything left behind during the initial sweeps. As far as the transactions can be traced, the stolen coin is always exchanged to Bitcoin.
I don't use Twitter anymore, but the source for this story linked to a Twitter thread, so I'll have to post that here - give it a read, although keep in mind the poster IS a crypto enthusiast:
What's so sad but funny about this is that these guys have very extensively been tracking this but there's absolutely nothing that can be done about it.
If a bank notices a series of suspicious transactions and patterns, they can unilaterally lock accounts and block transactions until the real known owners can be contacted to verify them. Or the bank can stop transactions from completing if the owner themselves flags suspicious activity. And, if nothing else, the compromised account holder can, you know, just like, change their password. If the account is very badly compromised, the bank can easily just start a completely new account and transfer over everything, or cancel the stolen debit card and issue one with completely new numbers, all for free.
But crypto wallets don't have any of those options. It's all "decentralized," remember, that's the big selling point, the thing that makes it Better than Banks and Traditional Currency! And it means that there's no institution that can block or cancel account access or transfers. Once a crypto wallet is compromised, it's compromised forever. The wallet key can't be changed. You can start a new wallet and transfer your remaining stuff to it, for whatever the standard transaction fees are at the time you want to do it, and that's literally ALL you can do - even armed with foreknowledge. But that's little help if your first clue that your wallet has been compromised is that it's empty, because at that point it's already too late.
And because of the way Eth and "smart contract" blockchains work, even if you're lucky enough to notice the token getting into your wallet before it does any (or too much) damage, you can't even just delete it, you actually have to transfer it to somebody else - for a transaction fee. And nobody's really in the market for hacky tokens, so you'd have to like set up your own dummy wallet to send it to - for a fee - but even that might not save you, because interacting with the token to transfer it activates whatever code is inside it, so it can just grab everything else in your wallet on its way out the door.