With millions of dollars worth of assets lost to phishing attacks after signing malicious licenses, the threat of losing crypto assets from suspicious links is very real. When these are paired with platforms that allow hidden links, users face a different type of risk.
On Sept. 4, Web3 security provider Pocket Universe shared how scammers are able to hide wallet-draining links on any text on instant messaging platform Discord.Although some users report that this feature only activated For recent Discord users, the ability to embed a link in any text has been available on many different social platforms for a while.
Scammers can now hide links in any Discord text ☠️
Watch out for hidden wallet drain links
For example pic.twitter.com/mgqG18sOF9— Pocket Universe (@PocketUniverseZ) September 4, 2023
Cointelegraph reached out to several cybersecurity professionals to learn more about how users can protect themselves from such attacks, and how platforms can improve security to keep users safe from such attacks.
Christian Seifert, a resident researcher at Web3 security firm Forta Network, said this type of attack has been a staple of hackers since the dawn of the internet. He explained:
“No matter what a platform creates, there will be hackers ready to find a way to crack it. Hyperlinks with text are a feature supported in HTML and have been a source of phishing attacks since the early days of the internet.”
According to Seifert, security requires a defense-in-depth approach. “Both platforms and users need to work hard to protect themselves,” he said. From the user’s point of view, security experts highlight that there are some plugins they can use to protect themselves from such scams.
Referring to Discord, Seifert noted that the platform does provide information about the true destination of a URL after a user clicks on it. However, the platform also allows users to “trust” future domain names. Scammers can abuse this, according to Seifert. He explained:
“Imagine a domain like foo.bar that is trusted by users. A scammer can craft a potentially malicious link that performs some action on this domain, such as making an oauth request to the scammer, such as foo.bar/oauth/scammer- account.”
One issue with the platform’s current implementation is that links and text can be deceptive and inconsistent with users’ expectations, the cybersecurity professional said. “If a text link clearly resembles a domain name or URL, and doesn’t match the actual target URL, Discord should ban such links,” he added.
related: Exploits, Hacks and Scams Steal Nearly $1 Billion in 2023, Report Says
Meanwhile, Hugh Brooks, director of security operations at blockchain security firm CertiK, also expressed some of Seifert’s views. Brooks said users and platforms have a collective responsibility to be vigilant against malicious actors. Platforms must constantly review and refine their security features, and users must remain vigilant and educated, he explained.
As for users, Brooks said they should be proactive and cautious when it comes to linking, especially when asked for signatures and permissions. The executive urged users to verify the authenticity of addresses on the website before allowing them access to crypto wallets. Brooks shared:
“A good practice is to cross-check URLs against recognized phishing warning lists. PhishTank, Google Safe Browsing and OpenPhish, as well as browser extensions like HTTPS Everywhere and ad blockers like uBlock are all valuable resources.”
These tools can alert users in real time when they are about to visit a known phishing or malicious website, Brooks explained. “Also, simply hovering over a URL link will reveal the actual URL, allowing users to confirm its legitimacy before engaging further,” he added.
When it comes to platforms, cybersecurity professionals say steps can be taken, such as only receiving messages from trusted contacts. A good example is Meta’s “Facebook Protect,” which lets users provide their accounts with enhanced security features, Brooks said.
“As the saying goes, the only constant is change. For the continued relevance of users and platforms, platforms have a responsibility to put security first. This involves not only updating security measures, but also cultivating a culture of vigilance and awareness among users,” he added.
Magazine: Should crypto projects negotiate with hackers?perhaps
Svlook
