CEX blog. IO | How to protect your browser-hacking attacks: Five tips for cryptocurrency users

Recently, a vulnerability was discovered in the TOR network, used for anonymous access to the Internet, allowinghackers steal the assets of crypto exchange users andwallets. This only complements the range of popular methods that hackers use to attack cryptocurrency owners through their browsers. Dmitry Volkov, CTO of CEX.IO, gave some tips on how to protect yourself from such attacks.

When it comes to trying to steal cryptocurrency, attackers almost always focus on the browser through which most users enter exchanges and exchange their cryptoassets.

The first and easiest attack method is phishing. Attackers give users fake websites very similar to the original. At the same time, social engineering is actively used to convince the victim of the need to urgently take some action. And if the browser does not have a ban on working over unprotected protocols, the check of suspicious sites and the presence of certificates is disabled, the threat of hacking increases many times over.

And according to recent news, the risk zone isusers of the TOR browser, which is often used to achieve anonymity. The so-called “man-in-the-middle” attack allows an attacker to intercept and read the transmitted data, as well as spoof the information you send.

Means of combating such attacks on the Internethave been around for a long time and have become standard. First of all, this is the HTTPS protocol, through which user data is transmitted in encrypted form. By connecting via HTTPS, the user can be sure that he is on a real and not a fake site. However, the practice is that attackers often force the user to establish a connection not via the secure HTTPS protocol, but via the unsecured HTTP protocol.

There are generally accepted security rules that help you avoid hacker attacks and not lose your funds. This requires:

1.With suspicion of any site, check for a certificate and connection security

Since phishing is the main toolhackers trying to steal crypto assets, any site should be suspected. Hackers love to make fake sites very similar to the original, so don't be fooled by the usual shapes and graphics, double check everything.

2. Do not follow links from letters and messages

From a search engine or Favorites, you are notyou will be taken to a phishing site. But the links from messages and letters can go anywhere. So do not rush to click on the button directly in the letter. Enter the required address manually, or go to the site through Yandex or Google.

3. Regularly update your browser and security systems on your computer

In terms of the security of your valuable data,you should always assume that the system with which you access the Internet is vulnerable. Before making a transaction with your coins, update your antivirus, make sure that all patches are installed on your computer and the latest anti-malware databases are loaded.

4. Work with sites that meet all safety requirements and operate under the control of one of the recognized regulators

By themselves, exchanges and crypto wallets can alsobe hacked by hackers, and therefore you need to choose reliable platforms to store your assets. Regulatory exchanges are, by definition, more secure. Users of such platforms have access to two-factor authentication and the use of multiple signatures. We at CEX.IO also provide additional protection for all clients through the use of a hot and cold wallet.

5. Store multiple backups of any important data, including those associated with crypto wallets

As a result of a hacker attack, you may sufferyour data, and even if an attacker does not get to your wallet or online account, you may be left without access to your assets. This state of affairs in the world of cryptocurrencies is equivalent to a loss of funds, so be sure to save encrypted keys and credentials in different places.

Read the full material here.