Ethereum under attack

Group-IB, a global leader in preventing and investigating high-tech crimes, and high-grade threat intelligence and anti-fraud solutions provider, has detected a scam attack on Numerai, a hedge fund that was the first to launch its own cryptocurrency, the Numeraire (NMR) earlier this year. Fraudsters offered to estimate how much NMR a user is entitled to, if ETH Wallet Address and Balance is provided.

Spreading this offer via Slack using the name of a Numerai employee, fraudsters proposed recipients an opportunity to claim an NMR airdrop. Having provided ETH Wallet Address and Balance, and receiving an NMR balance estimate, the victim is then asked for a private key (which no site should ask for) supposedly for a verification procedure. Once fraudsters receive the key they promptly drain the account.

The phishing page is quite well made – aside from the video embedded and the absence of favicon, which would potentially alert an aware user – all links work by redirecting the user to 3rd party web-sites and even to the company’s original page.

Cybercriminals tend to use trending topics and human weakness to succeed in fraudulent activities. They pay special attention to the areas where people have less expectation for fraud or experience. Therefore it’s very important to remain alert online, especially when in relation to sensitive personal data and financial transactions.

Yaroslav Kargalev

Senior Analyst CERT-GIB

Phishing site suggests entry of a private key for ETH wallet verification

Phishing site suggests entry of a private key for ETH wallet verification

Following simple cybersecurity best practices can considerably minimize risks:

  • Be cautious of any proposals you receive online, especially coming from unknown accounts.
  • Even if you receive a message with a proposal from a known contact, think twice before clicking.
    Their account may be compromised.
  • When it comes to sensitive topics, i.e. personal data, money transfers, etc. check the URL of the resource. If you aren’t sure, google it. Wikipedia articles and official social media channels can help.
  • No one web-site, call center operator, or messenger should ask you for sensitive data like passwords, PIN‑codes, or any private keys.
About Group-IB

Group-IB, with its headquarters in Singapore, is one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigating high-tech crimes, and protecting intellectual property. The company’s Threat Intelligence and Research Centers are located in the Middle East (Dubai), the Asia-Pacific (Singapore), and Europe (Amsterdam).

Group-IB’s Unified Risk Platform is an ecosystem of solutions that understands each organization’s threat profile and tailors defenses against them in real-time from a single interface. The Unified Risk Platform provides complete coverage of the cyber response chain. Group-IB’s products and services consolidated in Group-IB’s Unified Risk Platform include Group-IB’s Threat IntelligenceManaged XDRDigital Risk ProtectionFraud ProtectionAttack Surface ManagementBusiness Email ProtectionAudit & ConsultingEducation & TrainingDigital Forensics & Incident ResponseManaged Detection & Response, and Cyber Investigations.

Group-IB’s technological leadership and R&D capabilities are built on the company’s 19 years of hands-on experience in cybercrime investigations worldwide and more than 70,000 hours of cybersecurity incident response accumulated in our leading DFIR Laboratory, High-Tech Crime Investigations Department, and round-the-clock CERT-GIB.

Group-IB is an active partner in global investigations led by international law enforcement organizations such as Europol and INTERPOL. Group-IB is also a member of the Europol European Cybercrime Centre’s (EC3) Advisory Group on Internet Security, which was created to foster closer cooperation between Europol and its leading non-law enforcement partners.

Group-IB’s experience in threat hunting and cyber intelligence has been fused into an ecosystem of highly sophisticated software and hardware solutions designed to monitor, identify, and prevent cyberattacks. Group-IB’s mission is to protect its clients in cyberspace every day by creating and leveraging innovative solutions and services. To do so, we analyze cyber threats, develop our infrastructure to monitor them, respond to incidents, investigate complex high-tech crimes, and design unique technologies, solutions, and services to counteract adversaries.