Group-IB, a resident company of the Skolkovo Foundation specialising in investigating and preventing cybercrime, has teamed up with the Waves open-source blockchain platform to shut down a phishing scam targeting users of the platform.
Ilya Sachkov, CEO of Group-IB, which predicted a surge in attacks on cryptocurrency exchanges last year. Photo: Sk.ru.
Users of Waves Platform, which allows people to launch their own cryptocurrency tokens, have recently been the focus of a phishing scam on Facebook, in which they were offered free bonuses by fraudsters in an attempt to gain access to the users’ accounts and assets.
“We want to be very clear that this is a scam,” Waves said in a joint statement published on the two companies’ websites this week.
“We take these fraudulent pages seriously and are actively taking steps to address this issue, including working with cybersecurity firm Group-IB, a global leader in combating high-tech crime and online fraud,” the company said.
Group-IB has been studying various hacker groups and scammers and their constantly evolving tools and schemes for years, said Ilya Sachkov, CEO of Group-IB.
“They are driven by financial motivation, and, since the inception of the blockchain industry, many of them have shifted their focus to this new market: hackers’ methods of work in relation to fintech projects are similar to those used for attacks on online banking and electronic payments systems. However, unlike the banking segment, fintech is not subject to the regulator’s requirements, the level of information security depends only on each project itself,” Sachkov said in the joint statement.
He welcomed Waves’ move to take action over the phishing scam before the problem could develop further, and said the platform was setting an example for the crypto industry.
“Protection of the business and its assets is a priority for any industry, regardless of its age,” said Sachkov.
The number of security threats to cryptocurrency and blockchain projects has rocketed alongside the bitcoin rate, according to Group-IB. Photo: Sk.ru.
“It’s important for users to remember that the flipside of being in control of their own funds is that there is no authority to reverse a fraudulent transaction,” said Alexander Ivanov, CEO of Waves Platform.
Ivanov urged the platform’s users to be vigilant of phishing attempts, and to report malicious sites and links immediately. The company also posted a link to guidelines on its website aimed at helping users to protect their tokens against cybercriminals.
Group-IB, which investigates about 80 percent of high-profile cybercrimes in Russia and the CIS, predicted last year that cryptocurrency exchanges would be the most likely hacking targets in the near future, along with banks and power stations.
“The number of threats for cryptocurrency and blockchain projects recorded by our Threat Intelligence system has rocketed alongside the bitcoin rate,” Dmitry Volkov, head of the Threat Intelligence department and co-founder of Group-IB, said back in October.
In addition to phishing attacks, Group-IB protects banks, financial and insurance organizations from various types of online fraud, the planting of malicious programmes on online banking websites, and unauthorized remote connection to a client’s device in order to conduct a transaction on their behalf.
The company, a resident startup of Skolkovo’s IT cluster, has an emergency response team responsible for monitoring online activity 24/7 to identify and respond to any incidents or security breaches.
Last spring, Group-IB helped Russia’s Interior Ministry catch a gang of hackers suspected of using a Trojan virus to steal money from more than one million bank accounts via mobile banking apps. And last month, it revealed that another criminal group had carried out at least 20 successful attacks in Russia, the U.S. and U.K. – and had largely gone unnoticed.
At the end of last year, the investment company Altera Capital increased its stake in Group-IB from 10 percent to 25 percent, citing the potential of the company and industry. The value of the deal was not disclosed.