Hacks, scams, bugs: things that put your digital funds at risk

Cryptocurrency should be safe and secure, but thieves are lurking around the corner too

Cryptocurrency, for some, is an imaginary thing that cannot be touched and seems too good to be true. For others, it is a secure and safe currency that is not affected by inflation and other things that might lower the value of common currency - paper money.

Cryptocurrency investors like that this is the digital currency that might become a form of other things like NFTs and be used to pay online or offline in real life. However, this secure and safe currency also cannot be easily traced. This is the feature that cybercriminals and malicious actors that work online especially love.

That is unfortunate for investors and everyday people who have cryptocurrency and rely on it as their income. One wrong move or, in this case, click and your money might appear in the hands of another party that cannot be traced. These are more common these days because malicious actors get smarter, and more people rely on digital currency.

Cryptocurrency users get scammed using fake letters about crypto tax

Scams that attract cryptocurrency investors and havers have come up more often since the popularity of digital currencies has grown significantly^[1]. Most of them target funds directly, and people lose money after one or two clicks on malicious content.

Recent days have shown that these scams could be successful and that the methods used might not be that difficult. Even though not all of these scams target people and their money directly, people believe various statements online, no matter how untrue they may sound.

Cryptocurrency users got scammed by a fake Elizabeth Warren letter addressed to US President Joe Biden that suggested a 1% wealth on cryptocurrency holdings exceeding $ 500,000. This method fooled social media users because it used the anti-crypto policy proposal that was supposed to be made by Massachusetts Senator Elizabeth Warren^[2].

The proposal was fake, but not many have thought about that right away. On April 21, many people got upset about a letter they thought Senator Warren sent to President Joe Biden. The letter asked for a 1% tax on crypto money over $500,000. It wanted Biden to support Warren's rules on crypto. Some people on social media said the letter was wrong, but others didn't believe them and this news broke havoc online.

Even though the letter wasn't on Senator Warren's website, Cointelegraph asked her office about it, but they didn't say anything. Warren doesn't like crypto and thinks it's bad because it can be used for bad things like giving money to terrorists. Some people don't like her ideas for new rules about crypto. That was the reason why many people fell for this.

In November, Warren will run for her job again. She'll probably run against John Deaton, a lawyer who knows a lot about crypto. This scam did not pose a risk to people's crypto funds, but many such online scams might contain links or over-layers of websites and other malicious content that instantly wipes wallets out once clicked or otherwise triggered.

Hacks exposing data: El Salvador state Bitcoin wallet code leaked

Hackers often target particular infrastructures like hospitals, universities, and government networks for reasons other than financial gain. However, there are malicious actors that get into these systems to gain money by extorting people who run the particular establishment.

Sometimes, hacking is the method used to revenge something or just create damage without any particular positive effect on the cybercriminals. Recent media reports revealed that hackers leaked the entire database of Chivo users in early April, and then hacker group CIberIntelligenciaSV started releasing the wallet's code^[3].

Chivo is El Salvador's state-operated Bitcoin wallet. This hack started when hackers exposed more sensitive information related to the wallet. The hacker group released part of the source code on the black hat hacking crime forum on April 23.

"This time I bring you the code that is inside the Bitcoin Chivo Wallet ATMs in El Salvador, remember that it is a government wallet, and as you know, we do not sell, we publish everything for free for you," hackers wrote in the message.

After some Chivo wallet problems, the personal information of 5.1 million Salvadorans got leaked. This was almost all of the grown-up people in the country. A group called VenariX warned people about this on April 22. They saw a message on a chat app called Telegram saying they would share the Chivo wallet's code.

They also shared a file called Codigo.rar with Chivo's code and VPN details. El Salvador started using Bitcoin as money in September 2021, and the government told people to use the Chivo wallet to buy and sell Bitcoin and use Bitcoin ATMs.

Bugs in cryptocurrency protocols can lead to full-on exploits and more serious problems

The previously mentioned Chivo walled had a bumpy ride at the beginning because bugs, other technical issues, and glitches initially interfered with the launch and the network's functionality. In early April, there were reports about personal information being stolen from Chivo. But the government of El Salvador hasn't said anything about it, which is making people even more confused.

The exposure of personal or digital wallet details and misuse of these particular pieces of data is the main danger, which is why such bugs need to be fixed as soon as they are noticed and reported before they are exploited and used by malicious actors.

Recently a patch on critical IBC protocol bug potentially saved millions. Cosmos, a big name in blockchain, has fixed a problem that could have been really bad^[4]. A security company, Asymmetric Research, found a bug in how different blockchains talk to each other. They told Cosmos about it, and now it's fixed.

The bug has been around since 2021, but only now could bad people have used it. Cosmos was able to fix it before anything bad happened. This shows how important it is to make sure things are safe when using different blockchains together.

This is not the first time Cosmos had to fix something like this. But because they did it quickly, no money was lost. It's important for companies to keep checking for problems like this to keep everyone's money safe.