 Hey everyone, this is Josh McIntyre also known as chain toots Really excited to be a part of DEF CON again this year and some of the great virtual content That's happening as part of the blockchain village. So first, I want to extend my thanks to Ajit, Ron, Nathan, and everybody that's doing all the hard work to put together blockchain village again this year Today, I'm going to be talking about subtle and not so subtle ways to lose your cryptocurrency This is going to be kind of a broad overview talk on some of the most common ways I'm seeing people get stolen from in my work doing tech education in the space So first a little bit about me. I'm giving an idea of a perspective that this talk is coming from. I'm a software engineer by trade So I'm not directly a security professional, but I'm really interested in security and cryptocurrency Because I think you know building secure software and powering people through technologies is a very important thing And on the side, I run a tech education project called chain toots So I build free and open source tech education content around cryptocurrencies, blockchains security and other computer science topics Personally, I'm getting really tired of meeting people after they lost money People that are coming to me through my videos that got scammed or made a mistake and Lost some amount of cryptocurrency. I have a goal of helping more people stay safe Before something bad happens to them in cryptocurrency It's such a young industry and I want to be a part of the education efforts that are going to help people from losing money to scammers and thieves The the reality of this technology that we're all working with is it's a very very powerful technology But it's also very vulnerable in that way if you don't use it carefully Cryptocurrencies have irreversible transactions and that's a really desirable property for us Right. We want money that's not sensorable that can be sent around to anyone in the world That's decentralized and uses secure or public key cryptography The problem is is that thieves and scammers can and do take advantage of this if people aren't careful so what I want you to get out of this talk is kind of an idea of the most common attack vectors and Really basic common sense mitigation techniques This talk isn't really presenting any original research on cryptocurrency security Rather, this is coming from a tech educator perspective What I actually see happen to my viewers and my listeners and people that I interact with doing this work and What I want to give you is Some insights and some new ways of thinking about crypto security that you can take back to the products that you're building Your users your companies your interest in the cryptocurrency space I just want to give everybody kind of a fresh Perspectives and some bullet points that will be helpful in preventing future problems So what's kind of a broad overview of what I want to talk about some of the different classes of attacks that? We are seeing as a crypto industry the first one that we're going to go over is the one that's often the most powerful and Seems to be a very common mechanism and that's of social engineering So that's just tricking people into giving up their cryptocurrency or their keys in some way We're going to talk about some interesting malware threats that are out there in the wild We're going to talk about the unfortunate reality of a user error with a powerful technology We're going to talk about bad security hygiene practices Some of these things are things that carry over a lot to other areas of information security whether it's a crypto exchange account or your email account and We'll talk lastly about a few wallet implementation problems that have happened Some of this may seem like common sense to you the listener right we're industry professionals But I want to hit home the points with this talk that these are always in which very real users real people get Racked with cryptocurrency. I want to talk about fixing that I want to talk about simple common-sense things that may seem like totally obvious to us as people that are computer science Professionals or other professionals working in the crypto space Well, let's talk about ways to make this digestible and easy for everyday people so that as cryptocurrency gets broad adoption We have less and less people getting stolen from in these sort of interesting ways So social engineering number one One of the biggest ways people get stolen from is fake support fake wallet support fake coin based supports social engineering scammers posing as a support channel for a legitimate company These are examples that I found actually out in the wild. These are these are real screenshots of For example a fake keep key watch wallet website. This came up Actually high in the search results for keep key So this type of attack vector is fairly straightforward We know in cryptocurrency that your seed phrase or your private keys are what grant direct access to The coins in the sense that if you have the private key You can sign a new transaction to transfer that cryptocurrency to an address That somebody else controls so that's how you do value transfer at a basic level in the world of Bitcoin So this attack is to trick the user into giving up access to the seed phrase So the attackers can sweep those funds out to a wallet that they control and they do this by Targeting public channels by which people often interact with crypto companies. So for example, Twitter or reddits Where companies like shapeshift have a presence These scammers will try to pretend to be a support official from one of those companies and Get them into giving up access To their seed phrase if this is some kind of non custodial wallet So for example, keep key hardware wallet or atomic mobile wallet or sometimes to trick them into giving up two factor codes So they can initiate a password reset and take over an exchange account I see this really commonly on for example the coinbase subreddit If you post that you're having trouble with your coinbase account You will like immediately get a bunch of dms from fake coinbase support people Trying to trick you into giving access to your exchange account so they can clean out whatever is there Buy more with your bank account send it to themselves So what are some simple counter measures for this? We need to warn a people that interact with crypto services on a regular basis that no Legitimate support is going to ask for something like two FA codes or seed phrases So if you're building a crypto wallet, if you're building an exchange service, whether it's decentralized or centralized We should have common sense warnings like this as part of our normal UX interaction social engineering number two which is a very popular thing that I encounter because I interact with a lot of crypto accounts on social media is impersonation so somebody pretends to be andreus antinopolis or Roger dear or the crypto tutor or even I have seen chain toots trying to get them in some way to Either give up access to keys or exchange accounts or more generally at leading users to fake Investment websites and trying to get them to send cryptocurrency directly to a scam or control to the dress a Lot of times these websites They're very easy to spot if you're somebody with experience in the space, but they are very convincing So somebody like fake Roger will send you to this great new trading algorithm website that he is building and Really, it's just a front to get you to send cryptocurrency. They're just modern look and feel UX websites That at the end of the day are displaying a Bitcoin or Ethereum address and trying to get you to send an irreversible transaction to that address again Countermeasures here fairly straightforward. It's Awareness spreading awareness of the irreversibility of crypto transactions. So knowing that if you send coins off to somebody that transaction can't be taken back and Awareness of what these types of common scams look like an impersonation tactics a really simple But really powerful example of this is Andreas Antonopoulos's Twitter bio which says Beware of giveaway scams So someone that's new to the space that's coming to interact with someone like Andreas Sees very clearly a warning about a common type of scam, right? This warning has probably saved real people from being stolen from It's a simple message, but it goes a long way These kinds of social engineering like doubling scams right Elon Musk is giving way Bitcoin send half a Bitcoin here And you'll get double back if we as People in the space that are you know, maybe some of the first people that a newcomer interacts with Have these types of warnings on our bios or things like that. That's a really useful way of warning people That these scams occur and again, so I think just making people aware that one of the powerful but Potentially dangerous parts of cryptocurrency is the fact that Transactions are irreversible, right? This is not your credit card. There is no charge back so make sure that you are aware of that and Know that when you send crypto to somebody you have no recourse So you need to be really careful before you send off that transaction So now we're getting into some of the more subtle ways that people lose cryptocurrency And I think this one is really really fascinating. These are malware threats right so computer viruses are just about as old as computers themselves and one of the new and interesting ways that people will try to steal is to Not only gain access to identity information like credit cards or social security numbers, but better yet Get direct access to cryptocurrency, which is a very sort of Liquid thing that you can take from somebody and they will have no recourse to get it back One of the interesting ways and this is happening is something called a clipboard swaps or copy-paste buffer swaps So this is a piece of malware that could get on your Device like your computer through any number of means right file sharing You know clicking on sketchy links and emails and what this type of malware will do is it will detect a Bitcoin or Ethereum or another cryptocurrency address in the clipboard buffer So crypto addresses are a little bit unwieldy at this stage right there, you know 30 to 50 character Addresses they're not something that you can type out really it's cumbersome to deal with and so one of the most common Ways to send yourself cryptocurrency here to send somebody else cryptocurrency Besides using a QR code is to just copy and paste an address if I want to send cryptocurrency from a Exchange account to my cold storage wallet, you know, I'm going to go into some user interface for that wallet and Copy and paste that address into Coinbase to create that transaction And what this type of malware will do is it will use something as simple as a regular expression to detect that and Replace the legitimate address that you the user are trying to send to with the attackers address So what will happen then is when you send off that cryptocurrency instead of it going to my cold storage wallet It's going to go into the attackers wallet because I copy and pasted an address and didn't think about Double triple checking that address This example on the screen here is a homebrew Example educational demo of one of these clipboard swabbing Types of viruses that I cooked up in about 30 minutes, right? This is not a complex piece of software To develop but it can be really really powerful if you get it on somebody's machine You know mine was meant to be educational was written in a language that you normally wouldn't use to write actual malware It's called Adderjack and it's available on my github if you want to kind of take a look at what this sort of code looks like Now this other example here this on the screen is a screenshot of a virus scan that a real client that reached out to me Gave me Somebody that I met online actually had this happen to them Where they were trying to send cryptocurrency? Which is some kind of a theorem token to their own wallet and they ended up sending off about $2,000 worth at the time of crypto to the attacker And it looks to me like he got that malware on his computer through file sharing so he wasn't careful about the health of his Daily driver device that he was using to send an access cryptocurrency and it resulted in him losing money Through one of these clipboard scams. So again, as I said, I made a Educational demo of this in about half an hour and have even added on a little bit of sophistication to it But the real ones are much more sophisticated The real ones will even do things where they will take a bunch of addresses from the HD wallet tree and try to get one that the first couple of characters closely resemble The address that the user originally copied So this really hit hits home as a countermeasure The importance of double and triple checking that your addresses match the intended recipients So especially if you're sending off a high value transaction, you should really check the whole address But you know at the very minimum Check the first five or six characters and even more importantly check the last couple characters because with a lot of cryptocurrencies like Bitcoin Bitcoin cash and litecoin the last few characters include a Cryptographically secure hash check some That it would take much much more work for the attacker to generate that although it's only a few bits mind you so it's not impossible To make sure that that address is is correct And again high value transactions or cryptocurrencies that don't have check sums like Ethereum Make sure you check the whole address make sure you check beginning middle and end so that you know the Intended recipients including yourself is going to get the cryptocurrency and not some attacker and another thing that I don't have on this Slide here is of course just Device health right you should have some type of antivirus protection on Your devices that you're using to access crypto You don't have to have one that's a resource hog that like live scans all the time But like make sure you keep up with Your device health right consider if you're doing a lot of high value crypto transactions having a dedicated device Just for cryptocurrency so if you do perhaps encounter a Websites or a file that ends up on your machine that has this kind of malware in it. It won't affect your crypto device So just think about these things and be careful We should again educate users that crypto transactions are irreversible and you must be careful to double triple check what you're doing So user error this one is always a bummer because people make mistakes We're human beings even those of us that have been in this space forever screw up sometimes and It's fairly common that I meet individuals that have made a mistake such as sending cryptocurrency to the wrong cryptocurrency address a very common one that I see is Bitcoin to Bitcoin cash or more commonly the reverse Somebody sends Bitcoin cash to a Bitcoin address In some wallet this does not support Bitcoin cash such as the cash app There's also further complications in the fact that although Bitcoin cash and Bitcoin because Bitcoin cash is a fork They share an address format But there are some versions of addresses now in Bitcoin such as segregated witness addresses that are not compatible with the Bitcoin cash network So even if the user does something like they send Bitcoin cash from their coinbase account To their cold storage Bitcoin wallet address if they grabbed a segway address from their cold storage wallet Even though they have the private key they may not be able to get the money back without the help of a Bitcoin cash minor and The ability to even do that has kind of been off and on as Bitcoin cash has made changes to their protocol In a lot of cases that I see Somebody will send Bitcoin cash from their wallet to a Bitcoin address on a custodial exchange Like coinbase or cash app and they are completely screwed in that case Right not only is it maybe a segway address, but if cash out and coinbase are doing what they should be doing as Custodial exchanges nobody there is going to have direct access to the keys needed to work in manual recovery So that money is effectively gone forever and locked So this isn't an attack right, but this is a very common way in which I see people make irreversible mistakes and Of course the countermeasures are again very similar to the malware issue Which is you should be double triple checking that the address and the intended cryptocurrency are correct Before you finalize a transaction before you hit send sign that transaction and broadcast it to The crypto network that applies you should make sure that you have the right cryptocurrency in the right address one of the things that Bothers me about a lot of wallets is they do nothing in their user experience to educate users about this Wallets are pretty good these days about saying hey here's your 12 to 24 words seed phrase Make sure you back it up and keep it somewhere safe and never give it to anybody Because you must have this to restore access if you drop your phone in the toilet or you know You know your car burns down with your hardware wallet in it, but something I see almost no Wallets do is warn their users About the irreversible nature of transactions and about double triple checking that the address and cryptocurrency are correct I think in my opinion as a software developer Every wallet UI UX should have a warning like this Especially for really common ones like Bitcoin cash to Bitcoin right Bitcoin cash now has a different address format called cash Adder that's the most commonly used it still of course retains backward compatibility with normal base 58 check Bitcoin addresses because that address format isn't even really Reflected at the protocol level. It's it's a wallet UX thing and how the public key hash is encoded I think it would be really great If wallet makers wallet software developers started saying a warning if you try to send Bitcoin cash to a non-cash Adder address. Hey user. Are you intending to send this money to a? Bitcoin cash address that looks like this, right? It's a very common Issue that happens that people send it to the wrong type of address. Make sure that this is correct This is a simple UI thing that's just really just like a text box or a Dialogue box that could help save people from making this costly and irreversible mistake So let's talk Security hygiene practices. This is something in the information security world that is Constantly evolving right I may be saying something here that is not entirely correct based on the latest professional guidance So, you know always listen to your friendly neighborhood information security professional But this is a big big issue in the cryptocurrency space particularly with exchange accounts It's one thing if you screw up and you have a bad reused password that gets leaked in a data breach and accidentally give someone access to your Facebook or Instagram accounts It's another thing entirely when your password or 2FA hygiene is bad and somebody is able to get into Potentially your crypto life savings sitting in Coinbase or Binance or Gemini So this is something that not only should people do for their entire digital lives It should be especially cognizant of when it comes to cryptocurrency. I have a couple demos that I'm linking to here One is called entrapal, which is just a nice little hardware demo and a little command line utility as well For generating diceware passwords, which is a way of getting much easier to type passwords that also have a high degree of entropy to them and Passperms, which is really just a basic demo of the math behind password cracking and in general shows why Length is better than complexity such as adding a bunch of symbols to a password And the effect that increased length has on password cracking times in the event of a data breach so I hope perhaps these could be useful tools that you could reuse and Show people when you're doing infosec education So this type of attack is something like the user reuses an insecure password So something that's short and easy to break with a password cracking utility like hash cat or John the Ripper and It's being reused between Different accounts on the internet So in exchange like Coinbase a web wallet like blockchain.com Some breach of some other website exposes this password that the attacker then cracks So the countermeasures for this it's really really important to not reuse passwords This is something that we talk about all the time as tech professionals Every website that you visit should have a unique password which prevents one breach from affecting other websites The other thing is is you should use long Passphrases that are comprised of things like sentences random words or better yet Completely randomly generated, you know alphanumeric Maybe with symbols if you want to pass phrases and the use of secure password managers to store all this information The reason most people reuse passwords is because we as people can't remember Passwords for 50 websites, right? If you're a tech nerd like me, you might have upwards of a hundred different websites that you visit with varying degrees of frequency So encouraging people to use things like encrypted password managers prevents password reuse and it also allows people to have Really strong high entropy randomly generated pass phrases that would be a complete pain to remember or even type and Just have those things be auto-filled through the password manager if you own a crypto related website if you're a developer Insist on whatever the industry standard is for user passwords Like just do not allow people to you know have hunter to is their password Enforced password length requirements and again, you know, I'm not an information security professional necessarily So what I'm saying is is find out what the industry standard guidance is and enforce it And if I had to come up with a general rule myself I would say make sure passwords are at least 16 to 20 characters and preferably as random as possible Don't allow your users to mess this up if you're building a crypto related service It's going to make it that much more secure for them If they have the designer of the websites or the designer of the wallet looking out for them and saying hey It's really important that your password is long enough unique and not stored somewhere in plain text Security hygiene number two and this is another big one is two-factor authentication Sim swaps have been a plague in the cryptocurrency space So this type of attack is one an attacker knows that a user of some exchange account or service like a blockchain.com web wallet Has SMS text message base two-factor auth and some exposed phone number So attackers will work to try and get Information on a target's phone number Once they have that information They will socially engineer the phone company such as AT&T or Verizon or Sprint into porting that number to a new device that they control Once they have that phone number under their control in the form of a SIM card They will initiate a password reset against the target service So Coinbase or Gemini or Binance They can then intercept the two-factor auth code and do the password reset Because the two-facode has been used to prove the identity of what should have been the legitimate user that forgot their password So countermeasures for this and this is already starting to be implemented across the industry is only allowing app-based such as TOTP. So this is your Microsoft Google Duo Authenticator apps or better yet security key base two-factor authentication So using something like this a Yuba key device or even a lot of hardware wallets like the keep key will act as U2F or FIDO to FA devices So if you own a profile related website Don't even make SMS two-factor authentication an option It's honestly easier as a web developer to enable something like TOTP anyway Because you're just managing a seed rather than having to deal with how you you know send text messages to somebody like some subscription service or Server infrastructure to do that. Just don't allow SMS to FA Really encourage people to use app-based to FA and to use security keys Also, you know be the coolest by enabling Again hardware token to FA on your websites Not only is this more secure for the end user than even app-based to FA. It's also easier I hate going to websites where I have to pull out my phone and manually type in codes Like I got to unlock my authenticator unlock my phone type in a six-digit code with this thing I go to the website. I my password manager auto fills the password and then I tap this and I'm in and I have a very secure setup in doing so So we as an industry would need to really encourage people To have good hygiene when it comes to their two factor So the last interesting topic we'll talk about I would say is the most subtle and the most Difficult as an end user to prevent type of attack or compromise and this is poor wallet implementations I should say some of these are very complex and subtle attacks and some of these actually are pretty to avoid it like the Issue of brain wallets so Examples of this that have happened for real in the crypto currency space are the electrum phishing attack where attackers Exploded a vulnerability in the electrum Bitcoin desktop wallets and trick users into installing a malicious version of electrum from the attacker servers instead of the legitimate electrum servers so so the end user at some point had a legitimate electrum wallet on their device they were tricked via this exploit into installing a Backdoor version of electrum which was able to read the private keys and sweep the funds to attack or control wallets So this is something is an end user right especially if you're a non-technical person. How do I avoid this? well Unfortunately, although this is difficult for folks that aren't technical The use of well audited and reputable software is one thing that's that's a step Right, like use what other people in the community are using if a brand new Bitcoin wallet Just popped up on the app store today and has 30 downloads But maybe avoid that one for now, right? It could be a great new product. It could be open source, you know, but Use something like exodus coinomi bitcoin.com something that has a reputation And you really need to if you're going to use desktop software, especially learn how to do signature and hash verification It's a little bit of a pain in the ass if you're not a technical person, but you should learn how to do this It's better for you to have to spend an hour learning how to use GPG and verify signatures and learning how to verify hashes and what the fuck a hash even is Then it is for you to lose thousands and thousands of dollars from downloading malicious software So take your time with that if you're using something that's like mobile you know Part of the mitigation effort is just downloading things through the app store because Google and Apple through their app stores do things to try and ensure that there isn't malware or malicious software Coming into their official app download stores. That's not foolproof But it is one step better than downloading a random APK off of some website. That's like, hey Bitcoin wallet. It's free You know use that Never use brain wallets or paper wallets You know brain wallets are the practice of hashing some user-generated password into a key Those have been proven for many years now to be really insecure Ryan Castellucci who's that infosec professional has done a really awesome Def Con talk on cracking brain wallets And it is super super easy to steal from people that try and generate their own key entropy Like don't do that the one that's a little bit more difficult and I I say difficult and that people still insist This is an okay practice is paper wallets So you visit some website like bid address or like coin address, you know dot org or whatever And it generates a key for you in the web browser and you print out a piece of paper that has the Public key hash, which is the address and the private key for it So many people have been stolen from By malicious versions of these websites that were backdoor into generating, you know keys that the attackers control So they're just constantly sweeping out attacker, you know a sweeping out user funds basically And you know, there's also pitfalls like potentially Poor cartography used in JavaScript websites. That's a thing that happens And I have gotten into arguments with people on Twitter that insist Bro, it's better for you to generate a paper wallet on like coin address calm Then it is to keep coins in exchange and in my professional opinion. That's just not true Like you are better off keeping your hundred dollars of like coin or Bitcoin in a legitimate exchange with good password and 2FA hygiene that you are Generating a key off of some website like take 10 minutes to install Koynomi or Exodus Or Bitcoin calm or any other reputable mobile wallet to control your own keys before you generate a single key pair Wallet, there's just so many things that can go wrong with change with key generation Don't do it. And I think you know, we should kindly and professionally slap people online that still promote Paper wallets is a practice. It's just it's it's not something we should be doing anymore so some final thoughts again as Tech professionals watching this and attending DEF CON a lot of this probably isn't news to you and That's kind of the point that I wanted to make with this talk is These are common ways that very real people lose money in this new Technology in this new ecosystem every single day The people that steal cryptocurrency using these techniques do so because it is very effective and profitable for them and Most of these attacks again are mitigated by common sense relatively non-technical countermeasures So, you know, you may have not learned something really cool today about the latest in password cracking technology But I think yeah, you probably have learned a Good set of bullet points that you can take back to your companies Your open source wallet projects whatever you're building out there. I want to encourage people to take Education like this and to think about new ways of making security information digestible to everyday people. I think we especially in this Incredible new industry with this super empowering technology We have kind of a professional duty to educate users to implement sound user experiences to build secure software and develop new best practices Cryptocurrency is 10 years young at this point So not only can we kind of share things that have emerged in the last few years from these common exploits Like everybody that's watching this talk. I think even myself included we have some opportunities to create new best practices Whether it be through software security through user experiences through tech education content Any innumerable ways that you can participate in the blockchain ecosystem? We can do a part to build better security So as more and more people as mass adoption comes in to our ecosystem, we're ready to help people Embrace this technology without fear and the way that now, you know people Everyday people can go on the internet and buy something off of Amazon without having to worry about their credit card being compromised We're not there yet as an industry, but we can be if we put in a solid effort to make this happen So again, if you're watching this Take these bullet points back home to whatever you're building You know build a new security ecosystem for cryptocurrency We don't want People like Senator Elizabeth Warren to say that this is all the shadowy underground built by shadowy supercoders, right? We want to show the world What this technology can do in a positive way so go out build secure experiences and able to FA please and I want to thank you guys very very much for watching this talk So of course this talk is pre-recorded this year I want to encourage folks to reach out to me with questions You know, I'm not just saying we would love to hear from you in the corporate way I genuinely love when people reach out to me and talk to me with feedback Anything you think I can do better as an educator questions that you have for me about what I've seen in blockchain security or you know if you have ideas for Other things that we can be doing together to help build out this ecosystem. I'm on Twitter at chain toots That's a great place to reach me My website chain toots.com has a contact form and I'm pretty good about getting emails out folks quickly And I will be hanging out on the deaf core discord deaf con discord this weekend To watch talks interact answer questions last points all of my educational content code videos articles slides are License under creative commons and permissive open-source software licenses So not only is reuse of this content allowed Yeah, I would take it as a huge compliment if you take anything that I'm building and Remix it share it get it out to people just with you know credit to me as the original author Thanks again, and as always I hope you learn something new with me today