Ethereum under attack

Group-IB, a global leader in preventing and investigating high-tech crimes, and high-grade threat intelligence and anti-fraud solutions provider, has detected a scam attack on Numerai, a hedge fund that was the first to launch its own cryptocurrency, the Numeraire (NMR) earlier this year. Fraudsters offered to estimate how much NMR a user is entitled to, if ETH Wallet Address and Balance is provided.

Spreading this offer via Slack using the name of a Numerai employee, fraudsters proposed recipients an opportunity to claim an NMR airdrop. Having provided ETH Wallet Address and Balance, and receiving an NMR balance estimate, the victim is then asked for a private key (which no site should ask for) supposedly for a verification procedure. Once fraudsters receive the key they promptly drain the account.

The phishing page is quite well made – aside from the video embedded and the absence of favicon, which would potentially alert an aware user – all links work by redirecting the user to 3rd party web-sites and even to the company’s original page.

Cybercriminals tend to use trending topics and human weakness to succeed in fraudulent activities. They pay special attention to the areas where people have less expectation for fraud or experience. Therefore it’s very important to remain alert online, especially when in relation to sensitive personal data and financial transactions.

Yaroslav Kargalev

Senior Analyst CERT-GIB

Phishing site suggests entry of a private key for ETH wallet verification

Following simple cybersecurity best practices can considerably minimize risks:

Be cautious of any proposals you receive online, especially coming from unknown accounts.
Even if you receive a message with a proposal from a known contact, think twice before clicking.
Their account may be compromised.
When it comes to sensitive topics, i.e. personal data, money transfers, etc. check the URL of the resource. If you aren’t sure, google it. Wikipedia articles and official social media channels can help.
No one web-site, call center operator, or messenger should ask you for sensitive data like passwords, PIN‑codes, or any private keys.

About Group-IB

Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses, citizens, and support law enforcement operations.

Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.

Group-IB’s decentralized and autonomous operational structure helps it offer tailored, comprehensive support services with a high level of expertise. We map and mitigate adversaries’ tactics in each region, delivering customized cybersecurity solutions tailored to risk profiles and requirements of various industries, including retail, healthcare, gambling, financial services, manufacturing, crypto, and more.

The company’s global security leaders work in synergy with some of the industry’s most advanced technologies to offer detection and response capabilities that eliminate cyber disruptions agilely.

Group-IB’s Unified Risk Platform (URP) underpins its conviction to build a secure and trusted cyber environment by utilizing intelligence-driven technology and agile expertise that completely detects and defends against all nuances of digital crime. The platform proactively protects organizations’ critical infrastructure from sophisticated attacks while continuously analyzing potentially dangerous behavior all over their network.

The comprehensive suite includes the world’s most trusted Threat Intelligence, The most complete Fraud Protection, AI-powered Digital Risk Protection, Multi-layered protection with Managed Extended Detection and Response (XDR), All-infrastructure Business Email Protection, and External Attack Surface Management.

Furthermore, Group-IB’s full-cycle incident response and investigation capabilities have consistently elevated industry standards. This includes the 77,000+ hours of cybersecurity incident response completed by our sector-leading DFIR Laboratory, more than 1,400 successful investigations completed by the High-Tech Crime Investigations Department, and round-the-clock efforts of CERT-GIB.

Time and again, its solutions and services have been revered by leading advisory and analyst agencies such as Aite Novarica, Gartner®, Forrester, Frost & Sullivan, KuppingerCole Analysts AG, and more.

Being an active partner in global investigations, Group-IB collaborates with international law enforcement organizations such as INTERPOL, EUROPOL and AFRIPOL to create a safer cyberspace. Group-IB is also a member of the Europol European Cybercrime Centre’s (EC3) Advisory Group on Internet Security, which was created to foster closer cooperation between Europol and its leading non-law enforcement partners.