How cryptocurrency is stolen from your blockchain wallet

How Hackers Steal Your Crypto Without You Knowing… And How to Prevent it. – George Levy

Blockchain is very difficult to hack, so attackers are targeting theft of cryptocurrency directly from users' wallets. In this regard, it is necessary to know common hacker tricks for breaking cryptocurrency wallets, including new vulnerabilities.

Dust scattering

This attack does not work without blockchain and is relatively new. Dust refers to satoshi and other small coin particles like the wei in Ethereum. Criminals send tiny amounts of satoshis to wallet addresses and track the route of transactions thanks to the anonymity vulnerabilities of most coins' blockchains. Bitcoin is not a completely anonymous cryptocurrency, which makes it possible to track the further movement of satoshis on the blockchain and identify personal identifiers in addresses and wallets. If the owner of the wallet is identified, his cryptocurrency is already in danger.

To identify the owner, the criminals need to obtain the transaction context, i.e. find out any data about the client in addition to the target wallet. Data on other victim's crypto wallets interacting with the target one are valuable. For this, an extensive collection of data outside the blockchain is carried out, the purpose of which is to identify the withdrawal point of funds with identifying information. The most common point is the exchange account. To clarify all the data, the attackers carefully understand the work of the exchange and conduct in-depth analysis of the data, which cannot even be called a vulnerability..

So-called «dust» tracked by public blockchain observers, which are publicly available for both Bitcoin and Ethereum. After identifying a potential victim, attackers apply social engineering techniques (targeted phishing) to a specific person in order to gain access to funds.

The next stage is the fishing rods for the victim in the form of messages on social networks with any text that will force the holder of the cryptocurrency to open the attached file. It can be some important document on the work in the archive format or even graphic materials, under the guise of which is a malicious program. The virus itself can collect any information about actions on the computer, including entering a password, searching for stored keys or launching sites where you need to enter a password from a wallet. Ultimately, cryptocurrency hackers have a vault address, a password, and in rare cases, even access to control a cold wallet when connected to a PC. Rest – technical matter.



The procedure for deceiving people wandering around the Internet was described back in the 1980s, when the IP protocol was invented. The term itself «phishing» was first used in 1996 and has remained one of the most common theft techniques ever since.

Since the advent of Bitcoin, cryptocurrency transactions have become one of the main targets of phishing hackers who steal passwords from cryptocurrency wallets. Attempts range from crude and obvious − sending emails with links to forms requesting this information to complex − sites that look identical to popular exchanges.

Modern crypto hackers are not limited to stealing one password. They extract all the necessary data, including email passwords, and even bypass the two-factor authentication of crypto exchanges. An approximate list of data that the fraudster receives:

  • Victim's full name.
  • Phone number.
  • E-mail address.
  • 2FA code.
  • IP (including geographic location with IP).
  • The victim's browser.

Such a set allows you to contact the technical service with a request of the type «I broke my phone and can't log in due to two factors». In response, the technical support operator will request the above data to verify the account owner. If other information such as wallet balance is not required, the coins will float to the criminal's accounts. If the thief needs to know other data, he will try to use social engineering and spear phishing..

Thief apps

It takes a long time to enter a long wallet address and you can easily make a mistake, so copying is often used. Hackers have come up with applications that replace the copied crypto wallet address with their own, as a result of which the money goes into their pocket. To counteract such programs, you must always check the sequence of numbers after insertion.

How cryptocurrency is stolen from your blockchain wallet


How to protect your cryptocurrency

It is impossible to completely protect anything, but a number of simple tips will help reduce the risks of theft of virtual assets.

  • Use cold hardware crypto wallets.
  • Check the URLs of any sites that require a password carefully.
  • Use two-factor authentication.
  • Check the recipient wallet address when sending a transaction.
  • Don't use the same password on different sites.
  • Do not store passwords on a computer or USB flash drive without encryption. There are special programs for this, but you can do without them. As a last resort, encrypt your passwords yourself and remember the key to «decryption». For example, the document has three passwords «jsk3df», «sfjl; 3333», «oiu2222». You leave them as they are, but remember in your mind that the correct sequences are as follows: «jBk3df», «sBjl; 3333», «oBu2222». As a result, the owner of passwords only needs to know the second character, avoiding memorizing everything. This method is primitive, but already better than nothing..
  • Use a device for financial transactions that is not used for everyday Internet surfing. Explore the possibility of conducting offline transactions.
  • Do not neglect being tied to your phone and e-mail.
  • For financial transactions, do not connect to shared hotspots like Wi-Fi in cafes.
  • Do not conduct correspondence about financial transactions and investments.
  • It is better to split one large transaction into several so as not to attract attention «blockchain monitors», which «scatter dust».
  • Store cryptocurrency in different wallets.
  • Don't forget about wallet and two factor data backups. It is necessary to store copies in an encrypted archive on a device that is not connected to the Internet.

The last tip is more related to the possibility of losing cryptocurrency yourself without the participation of hackers, which happens quite often..