Kaspersky has discovered nearly 200,000 phishing attacks targeting cryptocurrencies


Kaspersky experts have carefully analyzed phishing sites aimed at potential crypto investors, as well as malicious files distributed using the names of the 20 most popular wallets for cryptocurrencies. Since the beginning of 2022, Kaspersky products have detected and prevented almost 200,000 attempted thefts by phishing digital currencies and user accounts to access wallets. In April alone, there were almost 50,000 such attempts, which is approximately half of all attacks in the first quarter of 2022. Crypto wallets are the primary target for fraud and malicious activity.

Along with the expansion of the popularity of digital currencies in the last five years, Kaspersky experts have identified various tactics used by cybercriminals to steal cryptocurrencies – from luring victims with gifts sent to them by crypto exchanges to distributing Trojan DeFi wallets. Crypto wallets are the primary target of fraudsters, because they are the original place to store cryptocurrencies with large amounts of virtual money.

In 2022, Kaspersky products registered 193,125 phishing theft attempts, targeting potential crypto investors or users interested in cryptocurrency mining. During the first quarter of this year, Kaspersky experts discovered about 107,000 attempts, and then in April alone there were almost 50,000, which is almost half of the entire previous quarter in one month.

Fraudsters mimic the sites of original crypto wallets, enticing victims to enter a personal seed phrase, a secret sentence of 12 or 24 words that, along with a password and private key, ensures the security of the wallet. When a user shares his secret phrase, he is redirected to the right site, but his account and all his savings are now in the hands of the fraudster.

Crypto wallets have become the target of numerous malicious activities, not only through phishing sites disguised as the most popular wallets, but also malware that is distributed through the misuse of wallet names. Kaspersky experts have carefully examined the malicious files that use the names of the 20 most popular cryptocurrency wallets.

Electrum eToro Exodus Guard
Binance Bybit MetaTrader 5 Nash
Coinbase Copay CEX.IO Paybis
MetaMask Wirex Coinmama Tezro
Jaxx Coinsmart Gemini YouHodler

List of crypto wallets analyzed by Kaspersky

It was found that in the first five months of 2022, Kaspersky products prevented more than 1,100 users from downloading more than 1,400 different variants of malicious files that are distributed under the listed crypto wallet names. Of all the detected malicious files, 75% of them exploited the Binance stock exchange. It is followed by Electrum (10 percent) and MetaMask (9 percent). Fraudsters have most commonly distributed Trojan downloads, which download and install new versions of other malware. Banking Trojans, spyware and ransomware were found among the analyzed files.

Fraudsters are not stopped by anything when their goal is to steal cryptocurrencies. Along with the growth of the value of digital currencies, they intensified their activities towards potential investors. Special attention should be paid to crypto fraud by phishing because they are based on social engineering. These types of attacks do not require any advanced technical skills, and they do the job of fraudsters. These methods are often successful due to carelessness and lack of user awareness. Therefore, users must pay attention to everything that may indicate that it is a scam: offers that are too generous, proposals for cooperation from unknown senders, as well as requests for money transfers with the promise of future profits“, Commented Alexei Marchenko, head of the team for researching content filtering methods at Kaspersky.

To protect yourself from crypto fraud, Kaspersky experts recommend:

  • Be careful. Unexpected messages about losing money / accounts or transfers, gifts and cash winnings are, almost always, an attempt at fraud
  • Always check the links carefully. It is best not to open links in messages from ISPs at all – instead, type the address into a search engine

Install a reliable antivirus solution to protect yourself from phishing.



Source: Personal magazin by www.personalmag.rs.

*The article has been translated based on the content of Personal magazin by www.personalmag.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!