- In 2021, crypto scammers stole a record $14 billion – a 79% increase on the previous year
- Over the past 12 months, Check Point Research (CPR) has found serious security flaws in leading Web3 platforms such as OpenSea, Rarible and Everscale
- Check Point Research (CPR) estimates that thousands of crypto related cyberattacks took place in 2021 and of these, at least 40 had major consequences, causing losses of up to 1-3 billion dollars.
On Bitcoin Day 2022, Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, warns users of the persistent dangers of cryptocurrencies and provides recommendations to keep wallets safe. While the concept of Bitcoin and Blockchain first came on the scene in 2008, things have progressed considerably since, including the introduction of Ethereum, Non-Fungible Tokens (NFTs), the Metaverse and the Internet of Value.
Despite these advancements, there are still huge risks to users. Indeed, just last year, crypto scammers stole a record $14 billion. So what are these risks? Why are crypto scammers so successful? And what can users do to keep themselves safe?
Rapid innovation leaves vulnerabilities
Cryptocurrency is growing fast – in just fifteen years, the crypto asset market has grown to over $2 trillion. While innovation is great, the pace of development often leaves potential holes for breaches. Over the past 12 months, Check Point Research (CPR) has found serious security gaps in leading Web3 platforms such as OpenSea, Rarible and Everscale.
More focus on tech, less focus on security
Rapid innovation means new projects are coming out each day. The problem with this, however, is that there is not enough focus on securing what is being built. And the bigger risk here is that new frontiers, like the Metaverse, will then be built on an insecure foundation. In fact, security and privacy issues are the main concerns holding back the development of the Metaverse.
Not enough security experts
According to the 2021 (ISC)² Cybersecurity Workforce Study, the world is already lacking 2.72 million cybersecurity professionals, let alone any that specialize in Web3. The same study states that the global cybersecurity workforce needs to grow by 65% to effectively defend organizations’ critical assets. That percentage is likely to be a lot higher if we also consider cryptocurrencies and the Metaverse.
Oded Vanunu, Head of Products Vulnerability at Check Point Software commented: “Bitcoin Day is a good reminder for us to look back and review the technological milestones the blockchain has achieved. Today with the big tech companies investing in the Metaverse, the fine-tuning of blockchain technologies and active innovations are creating the new internet - the internet of value. We now stand at the dawn of a new era, the metaverse era, and it will be fascinating to see what is to come and how we will secure its future.”
He continued: “In the meantime, users should remain aware of crypto wallet risks and remain vigilant when it comes to suspicious activity that may lead to theft. Threat actors will continue to expand their efforts in order to hijack crypto wallets while exploiting system vulnerabilities as we’ve already seen in 2022.”
How to stay protected
Blockchain transactions are irreversible. In blockchain, unlike a bank, you cannot block a stolen card or dispute a transaction. If the keys for your wallet are stolen, your crypto funds can become easy prey for cybercriminals, and therefore safety should be the user’s concern at all times. To prevent theft of keys, and as general safety tips, CPR recommends:
- Do not open suspicious links, especially from a source you do not recognize.
- Keep your OS, anti-virus software and cyber security software updated at all times.
- Do not download software and browser extensions from unverified sources.
- Be wary whenever receiving requests to sign any link within any marketplace
- Prior to approving a request, users should carefully review what is being requested, and consider whether the request seems abnormal or suspicious.
- If there are any doubts, users are advised to reject the request and examine it further before providing any kind of authorization.
- Users are advised to review and revoke token approvals under this link: https://etherscan.io/tokenapprovalchecker.
For more information about the evolution of the bitcoin to the role it now plays in the new metaverse you can read more on the Check Point blog.
About Check Point Research
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.