Certainly Heres a creative and succinct English translation of the article titleSlowMist Analysis Private Key Leaks  The Leading Cause of Crypto Heists in Q2

The internet security company SlowMist has conducted a study of the victim assistance messages received by its investigation department MistTrack in the second quarter of 2024, in order to analyze common or uncommon hacker attack methods. After analyzing 467 stolen forms, it was found that private key leakage, phishing, and fraud were the three most common reasons for cryptocurrency theft in the last quarter.

According to a report released by SlowMist on Tuesday, the main causes of private key leakage for victims include storing private keys/mnemonics in various cloud storage services such as Google Docs. The report also warned that sending sensitive information such as mnemonics through communication apps like WeChat can pose risks, despite the security measures such as end-to-end encryption. The SlowMist team stated that attackers also use other fraudulent methods to deceive wallet users into revealing their mnemonics, such as impersonating customer service personnel and sending phishing links through platforms like Discord. SlowMist reminded users not to disclose their private keys or mnemonics to anyone under any circumstances.

In addition, downloading fake wallets that pretend to be popular cryptocurrency wallet apps was identified as one of the main reasons for private key leakage. These apps are mainly found in third-party app stores. SlowMist reported that they discovered a version of the imToken wallet on the third-party app store APKCombo, which was a non-existent version and “the most common fake imToken wallet version on the market”. There was even a rare case where a user’s private key or mnemonic was stolen due to downloading a fake Twitter app.

Furthermore, SlowMist pointed out that other reasons for cryptocurrency theft include phishing links and scams on social media platforms. Clicking on phishing links posted under the comments of well-known cryptocurrency project accounts can lead to asset loss if users proceed with authorization and signing. The report suggested that users take measures to prevent phishing attacks, including using various software and hardware tools to ensure asset and information security, such as the phishing risk blocking plugin Scam Sniffer.

In terms of scams, SlowMist highlighted the most common method as the “Piyu coin scam”, with most of the Piyu coin thefts occurring on the BNB smart chain (BSC). Scammers typically lure victims into buying Piyu coins that can only be bought and not sold, and create the illusion of rapid appreciation through market manipulation to entice victims to increase their investment. SlowMist also pointed out that many market participants inadvertently fell into the trap of the Piyu coin scam while chasing the “meme coin” trend. The team advised users to check and confirm tokens before trading, use security testing tools such as MistTrack or GoPlus to view the risk situation of token-related addresses, check whether smart contract code has been audited and verified on a block browser, read relevant comments, review project backgrounds, and increase self-defense awareness.

Source:
SlowMist
crypto.news

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

Successful Conclusion of CoinEx Taiwan’s 7th Anniversary Celebration, Embracing the Arrival of the Web3 Era Hand in Hand with Users

Since its establishment in 2017, CoinEx has been a professional cryptocurrency trading pla…