Spectacular cyber heists from NFTs, crypto exchanges and all things new in the blockchain evolution require extreme cyber diligence and paranoia
Since the concepts of cryptocurrency and blockchain first came on the scene in 2008, things have progressed considerably—including the introduction of Ethereum, Non-Fungible Tokens (NFTs), the Metaverse and the Internet of Value (defined as “the instant transfer of assets that can be expressed in monetary terms over the Internet between peers without the need for intermediaries”).
Rapid innovation means new projects are coming out each day. The problem with this, however, is that there is not enough focus on securing what is being built, according to Check Point Software Technologies (CPR).
And the bigger risk here is that new frontiers, like the ‘metaverse’, will then be built on an insecure foundation. In fact, security and privacy issues are the main concerns holding back the development of this metaverse.
Just last year, crypto scammers stole a record US$14bn. Over the past 12 months, CPR had found serious security gaps in leading Web3 platforms such as OpenSea, Rarible and Everscale.
How to stay protected
Blockchain transactions are irreversible. In a blockchain system, you cannot block a stolen card or dispute a transaction. If the keys for your wallet are stolen, your crypto funds can become easy prey for cybercriminals, and therefore cyber safety should be of users’ concern at all times.
Here are some tips for general blockchain safety and for the security of keys, as recommended by the firm:
- Do not open suspicious links, especially from any source you do not recognize
- Keep your operating system, anti-virus software and cyber security software updated at all times
- Do not download software and browser extensions from unverified sources
- Be wary whenever receiving requests to sign any link within any marketplace
- Prior to approving a request, users should carefully review what is being requested, and consider whether the request seems abnormal or suspicious
- If there are any doubts, users are advised to reject the request and examine it further before providing any kind of authorization
- Users are advised to review and revoke token approvals under this link: https://etherscan.io/tokenapprovalchecker
Said Oded Vanunu, Head of Products Vulnerability, CPR: “Today with the big tech companies investing in the metaverse, the fine-tuning of blockchain technologies and active innovations are creating the new internet. We now stand at the dawn of a new era—the metaverse era—and it will be fascinating to see what is to come and how we will secure its future. In the meantime, users should remain aware of crypto-wallet risks and remain vigilant when it comes to suspicious activity that may lead to theft.”