23 August 2017

Ethereum under attack

Group-IB, a global leader in preventing and investigating high-tech crimes, and high-grade threat intelligence and anti-fraud solutions provider, has detected a scam attack on Numerai, a hedge fund that was the first to launch its own cryptocurrency, the Numeraire (NMR) earlier this year. Fraudsters offered to estimate how much NMR a user is entitled to, if ETH Wallet Address and Balance is provided.

Spreading this offer via Slack using the name of a Numerai employee, fraudsters proposed recipients an opportunity to claim an NMR airdrop. Having provided ETH Wallet Address and Balance, and receiving an NMR balance estimate, the victim is then asked for a private key (which no site should ask for) supposedly for a verification procedure. Once fraudsters receive the key they promptly drain the account.

The phishing page is quite well made – aside from the video embedded and the absence of favicon, which would potentially alert an aware user – all links work by redirecting the user to 3rd party web-sites and even to the company’s original page.

Cybercriminals tend to use trending topics and human weakness to succeed in fraudulent activities. They pay special attention to the areas where people have less expectation for fraud or experience. Therefore it’s very important to remain alert online, especially when in relation to sensitive personal data and financial transactions.


Yaroslav Kargalev

Senior Analyst CERT-GIB

Phishing site suggests entry of a private key for ETH wallet verification

Phishing site suggests entry of a private key for ETH wallet verification

Following simple cybersecurity best practices can considerably minimize risks:

  • Be cautious of any proposals you receive online, especially coming from unknown accounts.
  • Even if you receive a message with a proposal from a known contact, think twice before clicking.
    Their account may be compromised.
  • When it comes to sensitive topics, i.e. personal data, money transfers, etc. check the URL of the resource. If you aren’t sure, google it. Wikipedia articles and official social media channels can help.
  • No one web-site, call center operator, or messenger should ask you for sensitive data like passwords, PIN‑codes, or any private keys.

Group-IB is one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, headquartered in Singapore. The company’s threat intelligence and research centers are located in the Middle East (Dubai), the Asia-Pacific (Singapore), Europe (Amsterdam), and Russia (Moscow).

Group-IB’s Threat Intelligence & Attribution system has been named one of the best in class by Gartner, Forrester, and IDC. Group-IB’s Threat Hunting Framework (earlier known as TDS) intended for the proactive search and the protection against complex and previously unknown cyberthreats has been recognized as one of the leaders in Network Detection and Response by the leading European analyst agency KuppingerCole Analysts AG, while Group-IB itself has been recognized as a Product Leader and Innovation Leader. Gartner identified Group-IB as a Representative Vendor in Online Fraud Detection for its Fraud Hunting Platform. In addition, Group-IB was granted Frost & Sullivan’s Innovation Excellence award for its Digital Risk Protection (DRP), an Al-driven platform for identifying and mitigating digital risks and counteracting brand impersonation attacks with the company’s patented technologies at its core.

Group-IB’s technological leadership and R&D capabilities are built on the company’s 18 years of hands-on experience in cybercrime investigations worldwide and 70,000 hours of cybersecurity incident response accumulated in our leading forensic laboratory, high-tech crime investigations department, and round-the-clock CERT-GIB. Group-IB is a partner of Europol.

Group-IB’s experience in threat hunting and cyber intelligence has been fused into an ecosystem of highly sophisticated software and hardware solutions designed to monitor, identify, and prevent cyberattacks. Group-IB’s mission is to fight high-tech crime while protecting our clients in cyberspace and helping them achieve their goals. To do so, we analyze cyber threats, develop our infrastructure to monitor them, respond to incidents, investigate complex high-tech crimes, and design unique technologies, solutions, and services to counteract adversaries.

Report an incident

Get 24/7 incident response assistance from our global team

APAC: +65 3159-3798
Europe: +31 20 226-90-90
EMA: +971 4 508 1605

Thank you for filling out the form! We will get back to you shortly.

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

Report an incident