Private key leaks were identified as the leading cause of crypto thefts in the second quarter of 2024 by cybersecurity firm SlowMist’s investigative branch, MisTrack.

The report highlighted many instances wherein users stored their private keys or mnemonic phrases in cloud storage services like Google Docs, Tencent Docs, Baidu Cloud, and Shimo Docs.

Private Key Leaks

Some users were also found to have shared their private keys or mnemonic phrases with trusted friends via tools such as WeChat. Others used WeChat’s image-to-text feature to copy mnemonic phrases into WPS spreadsheets, encrypted them, and enabled cloud services while also storing them on local hard drives.

While such moves appear to improve information security, they end up significantly amplifying the risk of information theft. SlowMist found that malicious entities often employ “credential stuffing” techniques. This involves attempting to access accounts using leaked login information obtained from online sources. Once successful, attackers can readily locate and extract crypto-related data.

Fake wallets represent another major cause of private key leaks.

Next, phishing schemes emerged as the second-highest cause of theft. In certain cases, victims are duped by fraudsters masquerading as customer support representatives who persuade them to divulge their seed phrases. In other cases, users fall prey to deceptive phishing links on platforms such as Discord, inadvertently entering their private key details.

SlowMist also observed that phishing resulted in many theft incidents in the second quarter of the year, specifically through unsuspecting users clicking on malicious links in comments under tweets from well-known projects.

The company’s security team had previously found that nearly 80% of the first comments under tweets from prominent project accounts are taken up by phishing scam accounts. They also uncovered Telegram groups selling Twitter accounts, many of which were linked to the crypto industry or influencers with varied follower counts and histories.

BSC Plagued With Honey Pot Schemes

Q2 also witnessed significant honeypot schemes, in which digital currencies appear promising to investors but are designed to be impossible to sell after purchase.

SlowMist’s analysis revealed that the majority of these honeypot incidents reported in the quarter occurred on the Binance Smart Chain (BSC). Scammers essentially engineered an illusion of broad participation by circulating these tokens among numerous accounts and exchanges, resulting in inflated trading figures.

The post What Caused the Majority of Crypto Thefts in Q2 2024? SlowMist Reports appeared first on CryptoPotato.