Crypto security expert Harry Denley has done it again. The antiphishing professional, in association with Binance, helped a victim get back $10,000 worth of lost cryptocurrency. Previously ‘Helping Harry’ had recovered $4000 worth of stolen crypto funds for a user.
Fake MetaMask and Uniswap UI Used for Stealing Crypto
In his latest blog article, Harry Denley, a security and antiphishing expert at cryptocurrency management firm MyCrypto, recounted an incident where he intercepted $10,000 worth of stolen crypto and returned it to the original owner.
According to Denley, the victim fell prey to a ‘sophisticated phishing technique.’ Hackers mimicked the Uniswap and MetaMask interfaces the victim used in order to steal their private key, keystore file, or mnemonic phrase. To quote the exact details of the act:
The bad actor(s) would deploy a malicious dapp interface (in this case it was a fake Uniswap UI) and prompt the user to connect their MetaMask account. The kit would then mimic the MetaMask popup and throw an error state to then prompt the user to enter their secret. Once the user did, it would send the user’s input to their database via a REST API and direct the user to the legitimate app.
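The flow quoted above depends on a wallet secret being typed into an ordinary web page rather than into the real extension popup. The following is an added example, not code from Denley's post or from MetaMask: a heuristic that a hypothetical wallet-safety browser extension could run on form input. All function names and sample values are constructed, and the mnemonic check is a shape test (word count and word length), not a BIP-39 wordlist lookup.

```javascript
// Added example: flag wallet secrets typed into a web page (hypothetical helper names).
const MNEMONIC_LENGTHS = new Set([12, 15, 18, 21, 24]); // valid BIP-39 phrase lengths

// Return 'private-key', 'keystore', 'mnemonic', or null for ordinary text.
function classifySecret(text) {
  const t = String(text).trim();
  // Raw private key: 32 bytes as hex, with or without a 0x prefix.
  if (/^(0x)?[0-9a-fA-F]{64}$/.test(t)) return 'private-key';
  // Keystore file: JSON object carrying an encrypted "crypto" section.
  if (t.startsWith('{')) {
    try {
      const obj = JSON.parse(t);
      const c = obj.crypto || obj.Crypto;
      if (c && typeof c.ciphertext === 'string' && c.kdf) return 'keystore';
    } catch (_) { /* not JSON, fall through to the mnemonic check */ }
  }
  // Mnemonic shape: a valid word count, every word 3 to 8 lowercase letters.
  const words = t.toLowerCase().split(/\s+/);
  if (MNEMONIC_LENGTHS.has(words.length) && words.every(w => /^[a-z]{3,8}$/.test(w))) {
    return 'mnemonic';
  }
  return null;
}

// A genuine extension popup is served from an extension origin, so a secret
// entered on an http(s) page matches the fake-popup pattern described above.
function shouldWarn(text, pageUrl) {
  const kind = classifySecret(text);
  if (!kind) return null;
  const url = new URL(pageUrl);
  const inExtension = url.protocol === 'chrome-extension:' || url.protocol === 'moz-extension:';
  return inExtension ? null : `Blocked: ${kind} entered on web page ${url.host}`;
}

// Constructed samples: not a real phrase, not real origins.
const SAMPLE_PHRASE =
  'apple river stone candle window forest music yellow dragon planet silver ocean';
console.log(shouldWarn(SAMPLE_PHRASE, 'https://uniswap-fake.example/swap'));
console.log(shouldWarn(SAMPLE_PHRASE, 'chrome-extension://abcdefghijklmnop/popup.html'));
```

Because the mnemonic test only checks shape, any unpunctuated 12-word lowercase sentence will also match; a production check would validate against the BIP-39 wordlist and checksum.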
Intercepting the Act, like a Hero
The database involved in the hack was open. Harry used it to his advantage to track and stop the flow of funds.
He fetched all the entries periodically. It wasn’t much of a challenge. The malicious actors had a DaaS (Desktop-as-a-Service) arrangement in place. All he had to do was clear past the ‘API key HTTP header’ hurdle.
Finally, he was able to retrieve the phished details. Running those details through his custom sweeper let him receive some of the stolen funds.
In the process, ‘Helping Harry’ discovered some more spurious domains that may have beguiled unsuspecting crypto users into giving up their funds.
Teaming Up with Binance to Return the Stolen Crypto Funds
Harry found out that withdrawals had been processed from Binance, and that the victim’s address was used in them.
His acquaintances at the cryptocurrency exchange shared his email address with the victim. Within an hour, the user contacted Harry. After a few verification steps to ascertain whether the user was genuine, he transferred the retrieved crypto funds.
Not the First Heroic Act by ‘Helping Harry’
This is not the first time that Harry has helped retrieve stolen funds for crypto victims. According to a July 1 blog post, he returned $5000 worth of cryptocurrencies to a user whose Trust Wallet (read fake) account got hacked.
The victim apparently downloaded a makeshift Trust Wallet app from the Google Play store. It looked and felt exactly like the original app, and had a lot of reviews, downloads, and a 3.5-star rating.
Apparently, when the user entered his backup key to set up the wallet, it resulted in an error, following which he lost his funds.
Crypto Jacking and Scamming Incidents on the Rise
These were petty thefts compared to the massive Twitter hack last week. As reported by CryptoPotato, Twitter handles of 130 illustrious individuals like Bill Gates, Barack Obama, Jeff Bezos, Elon Musk, etc. were used for spreading a Bitcoin scam.
Scammers made away with ~$120,000 in BTC, and although Twitter has blocked the use of Bitcoin addresses on its platform and also issued an explanation, it shows how massive crypto pilferage incidents are on the rise.
A few days back, Argentina’s largest Telecom company fell prey to a Monero ransomware attack. Attackers demanded $7.5 million in ransom to release the locked data.
These incidents reflect badly not on the cryptocurrencies involved, but on the centralized arrangements that hoard our day-to-day lives. Hackers always find a way to target central points of failure to steal funds, data, and whatnot.
Is complete decentralization a viable way out of this? That remains to be seen.