Defiance Capital founder: How I prevent fraud after 60 NFTs were stolen

This article summarizes the views of Arthur, founder of Defiance Capital, on his personal social media platform, as compiled and translated by BlockBeats:

This article is authorized to be republished from BlockBeats. The original article can be found here.

Initially, the following content was only written for our investment portfolio companies and partners. After some consideration, I believe they should be open-sourced.

After conducting research and communicating with top cybersecurity experts, we believe that the organized hacker group BlueNorOff is plotting against prominent organizations in the cryptocurrency field.

Given their highly sophisticated social engineering attacks, I believe they have mapped out the entire network of relationships in the cryptocurrency field, knowing what kind of phishing emails are most likely to bypass our psychological defenses.

To further understand how these attacks are carried out, I strongly recommend reading this article, and the recommendations therein are worth considering.

It is crucial for us to be acutely aware that the cryptocurrency industry is becoming a prime target for state-sponsored cybercrime organizations. This organization is very cunning and experienced, and they may even change tools and attack patterns in the future.

Once the current attack methods, such as the recently observed trojanized DeFi apps and wallet attacks, become less effective, North Korea is likely to allocate more resources to this group and escalate the intensity of the attacks.

Setting aside all standard cybersecurity recommendations, with the help of friends who are highly aware of cybersecurity, I propose the following incomplete security recommendations related to cryptocurrency. Hopefully, this will prevent similar events from happening to any of us.

Storing On-Chain Cryptographic Assets in Enterprise-Grade Custodial Solutions

A hardware wallet alone is not enough to secure EOAs (Externally Owned Accounts): a fake MetaMask browser extension can trick the user into signing unauthorized transactions. At the very least, funds should be held in a multisig wallet such as Gnosis Safe, with each signer protected by its own hardware wallet.

I strongly recommend using more advanced custodial solutions like Fireblocks, Copper, Qredo, etc., as they come with native multisig 2FA (Two-Factor Authentication) wallets for transaction approvals.

Perform Additional Due Diligence when Hiring Remote Teams

Extra due diligence should be conducted when hiring remote teams, especially when employing software engineers or developers. "Lazarus APT group even participates in creating fake companies developing cryptocurrency software."

We've heard from one of our portfolio companies that their software engineer applicants seemed suspicious during interviews and did not match the profiles on their resumes.

Allocate Dedicated Computers for Cryptocurrency Trading

There should be dedicated computers solely used for cryptocurrency trading, isolated from any email, internet links, messaging apps, MS Word documents, PDFs, etc.

Implement 2FA for All Logins

This is not specific to cryptocurrency, but it bears repeating: cloud storage, email, and messaging apps such as Telegram should all have 2FA enabled on login. Use an authenticator app such as Google Authenticator instead of SMS-based 2FA whenever possible.

Use hardware 2FA keys such as YubiKey for both company and personal accounts.

Bookmark Frequently Used Cryptocurrency DApp Websites

Sometimes search engines may lead to phishing sites. It's best to access cryptocurrency DApp sites via bookmarked lists to avoid inadvertently visiting phishing sites during searches.

Revoke Unnecessary Token Authorizations

Token authorizations (approvals) allow another party to move your assets and are a necessary condition for interacting with most smart contracts. Avoid unlimited token approvals and regularly revoke any you no longer need, which can be done with Revoke.
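
The following is an added example, not code from the original article or from Revoke. It scans a constructed list of ERC-20 Approval events for the allowances a treasury wallet has granted, keeps only the latest allowance per spender (approvals overwrite, they do not add up), and builds the ABI-encoded calldata for `approve(spender, 0)`, which is the transaction a revoke tool asks you to sign. The token and wallet addresses are constructed placeholders; the 2**128 "unlimited" threshold is an assumption chosen here.

```python
# Added example, not code from the original article or from Revoke: scans a
# constructed list of ERC-20 Approval events for allowances worth revoking and
# builds the calldata for approve(spender, 0), the transaction a revoke tool sends.
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Tuple

MAX_UINT256 = 2**256 - 1
# 4-byte selector of approve(address,uint256), i.e. the first four bytes of
# keccak256("approve(address,uint256)"); hard-coded so no keccak library is needed.
APPROVE_SELECTOR = bytes.fromhex("095ea7b3")

# Constructed addresses for the sample (not real contracts or wallets).
TOKEN = "0x" + "11" * 20
TREASURY = "0x" + "22" * 20
DEX_ROUTER = "0x" + "33" * 20
UNKNOWN_SPENDER = "0x" + "44" * 20


@dataclass(frozen=True)
class Approval:
    token: str    # ERC-20 contract that emitted the event
    owner: str    # wallet that granted the allowance
    spender: str  # party allowed to call transferFrom on the owner's balance
    value: int    # allowance in token base units


def is_unlimited(value: int) -> bool:
    """Front-ends use MAX_UINT256 or similar huge values; anything above 2**128
    (an assumed threshold) exceeds any plausible supply and counts as unlimited."""
    return value >= 2**128


def latest_allowances(events: Iterable[Approval]) -> Dict[Tuple[str, str, str], int]:
    """Approval events replace the previous allowance rather than adding to it,
    so only the last event per (token, owner, spender) matters."""
    latest: Dict[Tuple[str, str, str], int] = {}
    for ev in events:  # assumes events are supplied in chain order
        latest[(ev.token.lower(), ev.owner.lower(), ev.spender.lower())] = ev.value
    return latest


def risky_allowances(events: Iterable[Approval],
                     trusted_spenders: FrozenSet[str] = frozenset()) -> List[Tuple[str, str, str, int]]:
    """Non-zero allowances granted to spenders outside the trusted set."""
    trusted = {s.lower() for s in trusted_spenders}
    return [
        (token, owner, spender, value)
        for (token, owner, spender), value in latest_allowances(events).items()
        if value > 0 and spender not in trusted
    ]


def revoke_calldata(spender: str) -> bytes:
    """ABI-encode approve(spender, 0): selector, then the address left-padded to
    32 bytes, then a 32-byte zero amount."""
    addr = bytes.fromhex(spender[2:] if spender.startswith("0x") else spender)
    if len(addr) != 20:
        raise ValueError("spender must be a 20-byte address")
    return APPROVE_SELECTOR + addr.rjust(32, b"\x00") + (0).to_bytes(32, "big")


def plan_revocations(events: Iterable[Approval],
                     trusted_spenders: FrozenSet[str] = frozenset()) -> List[Tuple[str, str, str]]:
    """One (token contract, spender, calldata hex) entry per risky allowance; each
    is a transaction the owner signs from a hardware wallet or multisig, sent to
    the token contract."""
    return [
        (token, spender, "0x" + revoke_calldata(spender).hex())
        for token, _owner, spender, _value in risky_allowances(events, trusted_spenders)
    ]


# Constructed sample events, in chain order.
SAMPLE_EVENTS = [
    Approval(TOKEN, TREASURY, DEX_ROUTER, MAX_UINT256),        # unlimited approval to a DEX router
    Approval(TOKEN, TREASURY, UNKNOWN_SPENDER, 500 * 10**18),  # bounded approval to an unknown contract
    Approval(TOKEN, TREASURY, UNKNOWN_SPENDER, 0),             # later revoked, so no longer risky
]

if __name__ == "__main__":
    for token, spender, data in plan_revocations(SAMPLE_EVENTS):
        tag = "unlimited" if is_unlimited(latest_allowances(SAMPLE_EVENTS)[(token, TREASURY, spender)]) else "bounded"
        print(f"send to {token} data={data[:10]}... revokes {tag} allowance for {spender}")
```

Only the unlimited approval to the DEX router survives the scan; the approval to the unknown spender was already reset to zero by a later event, so re-sending a revoke for it would waste gas. Passing the router in `trusted_spenders` keeps a deliberately retained approval out of the plan.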

Establish an Address Monitoring System

Internal cryptocurrency wallet addresses should be closely monitored so that the team can immediately detect and take action in case of unauthorized transactions. Solutions like Etherscan and Nansen provide this kind of monitoring.
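
As an added example of the monitoring logic such a system runs (not code from the original article, Etherscan or Nansen), the block below watches a treasury address and raises alerts on three conditions: an outbound transfer to an address outside an allowlist, a single transfer above a per-transaction limit, and a burst of outbound transfers inside a short window. All addresses, hashes and transactions are constructed for the sample; the limits are assumptions.

```python
# Added example, not from the original article: rule-based alerting over a
# constructed stream of transactions for a watched treasury address.
from dataclasses import dataclass
from typing import Dict, Iterable, List


@dataclass(frozen=True)
class Tx:
    tx_hash: str
    timestamp: int      # unix seconds
    sender: str
    recipient: str
    value_eth: float


@dataclass(frozen=True)
class Alert:
    severity: str       # "high" or "medium"
    tx_hash: str
    reason: str


class AddressMonitor:
    def __init__(self, watched: Iterable[str], allowed_destinations: Iterable[str],
                 per_tx_limit_eth: float, burst_window_s: int = 600, burst_count: int = 3):
        self.watched = {a.lower() for a in watched}
        self.allowed = {a.lower() for a in allowed_destinations}
        self.limit = per_tx_limit_eth
        self.window = burst_window_s
        self.burst_count = burst_count
        self._recent: Dict[str, List[int]] = {}  # sender -> timestamps of recent outbound txs

    def ingest(self, tx: Tx) -> List[Alert]:
        """Evaluate one transaction; inbound transfers to the watched address are
        not alerted on, only outbound ones."""
        sender, recipient = tx.sender.lower(), tx.recipient.lower()
        alerts: List[Alert] = []
        if sender not in self.watched:
            return alerts
        if recipient not in self.allowed:
            alerts.append(Alert("high", tx.tx_hash, f"outbound transfer to unknown address {tx.recipient}"))
        if tx.value_eth > self.limit:
            alerts.append(Alert("high", tx.tx_hash, f"{tx.value_eth} ETH exceeds per-tx limit of {self.limit} ETH"))
        # Sliding window: keep only outbound timestamps inside the burst window.
        times = self._recent.setdefault(sender, [])
        times.append(tx.timestamp)
        times[:] = [t for t in times if tx.timestamp - t <= self.window]
        if len(times) >= self.burst_count:
            alerts.append(Alert("medium", tx.tx_hash, f"{len(times)} outbound transfers within {self.window}s"))
        return alerts


# Constructed addresses (not real wallets).
TREASURY = "0x" + "aa" * 20
EXCHANGE = "0x" + "bb" * 20     # known deposit address, allowlisted
DRAINER = "0x" + "cc" * 20      # never seen before
COUNTERPARTY = "0x" + "dd" * 20

# Constructed transaction stream, in time order.
SAMPLE_TXS = [
    Tx("0x01", 1000, COUNTERPARTY, TREASURY, 5.0),   # inbound: ignored
    Tx("0x02", 1100, TREASURY, EXCHANGE, 2.0),       # routine, allowlisted
    Tx("0x03", 1200, TREASURY, DRAINER, 50.0),       # unknown destination and over limit
    Tx("0x04", 1300, TREASURY, DRAINER, 1.0),        # unknown destination, third outbound in 200s
    Tx("0x05", 5000, TREASURY, EXCHANGE, 3.0),       # window has expired, routine again
]


def run_sample() -> List[Alert]:
    monitor = AddressMonitor(watched=[TREASURY], allowed_destinations=[EXCHANGE], per_tx_limit_eth=10.0)
    alerts: List[Alert] = []
    for tx in SAMPLE_TXS:
        alerts.extend(monitor.ingest(tx))
    return alerts


if __name__ == "__main__":
    for a in run_sample():
        print(f"[{a.severity}] {a.tx_hash}: {a.reason}")
```

Against the sample stream the monitor stays quiet for the inbound deposit and the routine exchange transfers, then fires on the first transfer to the unknown address both for the destination and for the amount, and adds a burst alert on the next one. In practice the alert on transaction 0x03 is the one that matters: a multisig or custodial policy can still block the follow-up transfers if the team reacts to it.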

Conduct Regular Cybersecurity Training for Team Members

All team members should undergo cybersecurity training upon joining, but this is often overlooked as organizations grow.

Prevent Phishing and Spam Emails by Properly Configuring Email DNS Settings

Opt for SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC in hard-fail or strict mode whenever possible.
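
To make "hard-fail or strict mode" concrete, here is an added example (not from the original article) that audits SPF and DMARC TXT records supplied as strings, so it runs offline without DNS lookups. It flags a soft-fail `~all`, a `p=none` or `p=quarantine` policy, a partial `pct`, relaxed alignment and a missing reporting address, and passes only a record set ending in `-all` with `p=reject`. The domain, address range and mailbox in the sample records are constructed.

```python
# Added example, not from the original article: classify SPF and DMARC records
# and report anything weaker than hard-fail / reject.
from typing import Dict, List, Optional


def spf_verdict(record: str) -> str:
    """Classify an SPF record by the qualifier on its terminating 'all' mechanism."""
    terms = record.strip().split()
    if not terms or terms[0].lower() != "v=spf1":
        return "invalid"
    for term in terms[1:]:
        if term.lower().lstrip("+-~?") == "all":
            qualifier = term[0] if term[0] in "+-~?" else "+"   # bare 'all' means '+all'
            return {"-": "hard-fail", "~": "soft-fail", "?": "neutral", "+": "pass-all"}[qualifier]
    return "missing-all"  # without an 'all' term, unlisted senders get a neutral result


def parse_dmarc(record: str) -> Dict[str, str]:
    """Split 'v=DMARC1; p=reject; rua=...' into a tag dictionary."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def dkim_key_present(record: str) -> bool:
    """A DKIM selector record with an empty p= tag is a revoked key."""
    tags = parse_dmarc(record)  # same tag=value; syntax
    return tags.get("v", "").upper() == "DKIM1" and bool(tags.get("p"))


def audit(spf: str, dmarc: str, dkim: Optional[str] = None) -> List[str]:
    """Return a list of findings; an empty list means the records are strict."""
    findings: List[str] = []
    verdict = spf_verdict(spf)
    if verdict != "hard-fail":
        findings.append(f"SPF: '{verdict}' means unauthorized senders are not rejected; end the record with -all")
    tags = parse_dmarc(dmarc)
    if tags.get("v", "").upper() != "DMARC1":
        findings.append("DMARC: record missing or malformed")
        return findings
    policy = tags.get("p", "").lower()
    if policy != "reject":
        findings.append(f"DMARC: p={policy or 'missing'} lets spoofed mail through; set p=reject")
    sub_policy = tags.get("sp", policy).lower()      # sp defaults to p
    if sub_policy != "reject":
        findings.append(f"DMARC: subdomain policy sp={sub_policy} is weaker than reject")
    if int(tags.get("pct", "100")) < 100:            # pct defaults to 100
        findings.append(f"DMARC: pct={tags['pct']} applies the policy to only part of the mail")
    for tag in ("adkim", "aspf"):
        if tags.get(tag, "r").lower() != "s":        # alignment defaults to relaxed
            findings.append(f"DMARC: {tag}=r allows relaxed alignment; set {tag}=s for strict mode")
    if "rua" not in tags:
        findings.append("DMARC: no rua address, so spoofing attempts are never reported to you")
    if dkim is not None and not dkim_key_present(dkim):
        findings.append("DKIM: selector record has no public key, so signatures cannot be verified")
    return findings


# Constructed records for example.com (documentation address range, not a real setup).
WEAK_SPF = "v=spf1 include:_spf.example.net ~all"
WEAK_DMARC = "v=DMARC1; p=none; rua=mailto:dmarc@example.com"
STRICT_SPF = "v=spf1 ip4:203.0.113.0/24 include:_spf.example.net -all"
STRICT_DMARC = "v=DMARC1; p=reject; pct=100; adkim=s; aspf=s; rua=mailto:dmarc@example.com"
EMPTY_DKIM = "v=DKIM1; k=rsa; p="

if __name__ == "__main__":
    for label, spf, dmarc in (("weak", WEAK_SPF, WEAK_DMARC), ("strict", STRICT_SPF, STRICT_DMARC)):
        print(label, audit(spf, dmarc) or ["ok"])
```

The weak pair is what many domains ship with by default: `~all` and `p=none` only collect reports, so a phishing mail forged from your own domain is still delivered to your partners. The strict pair is the configuration the recommendation above describes, and the audit returns no findings for it.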

Trust the Browser, Not the Website

Anything rendered below the browser's address bar is website content, and website content can be malicious and used as an attack vector. Some DApps may prompt you to log into your cryptocurrency wallet if you haven't already. Never enter your password into a web page.