close
close

Security Briefing: Can ETFs Be Hacked?

Security Briefing: Can ETFs Be Hacked?

A PSA about North Korean hackers has many in the bitcoin community wondering what spot ETFs are. Let’s dive in…


Are North Korean Hackers a Threat to Bitcoin Spot ETFs?

North Korean flag

Are North Korean hackers targeting underlying Bitcoin ETF assets?

Last week we discussed a new advisory from the FBI about North Korean hacking groups and their focus on crypto. This week we discussed whether ETFs could be vulnerable.

On Wednesday, Cointelegraph published an in-depth analysis of the risks of ETF hacking, interviewing Jameson and other experts.

Why is this attack vector worth considering? Bitcoin and ether are bearer assets. If hackers get their hands on the keys tied to a particular address, they get the assets, regardless of whether they are tied to an ETF or not.

The Bitcoin network has none of this prior knowledge — it only knows whether a cryptographic signature is valid in a transaction. And that makes a world of difference.

🔑 Important insight: In security, we strive to eliminate single points of failure. ETFs hold nearly 5% of the current bitcoin supply today, but the vast majority of that is held with a single custodian. See why that can be problematic in the chart below from earlier this year.


fingers-on-keyboard-hacking

The FBI had more to report this week, releasing its 2023 Cryptocurrency Fraud Report. The report analyzes more than 69,000 complaints filed with the FBI’s Internet Crime Complaint Center.

Together, the complaints represent a total of $5.6 billion in reported losses, up 45% from 2022.

What tactics do fraudsters use? Here is a look at the top 5 types of crime, with investment fraud being the most common, accounting for 71% of total losses.

table-overview-crime-losses
Source: FBI report

The FBI noted that cryptocurrency complaints represent only 10 percent of total financial fraud complaints, but they account for 50 percent of losses.

🔑 Important insightAs a reminder, here are three potential signs of a scam to look out for:

  1. Someone contacts you unsolicited (“Hey, how are your transactions going?”)
  2. They promise big, seemingly unreasonable rewards (“I know the perfect way to increase your position by 10x.”)
  3. They create a sense of urgency (“I need the bitcoin right now.”)

Remember: if it sounds too good to be true, it probably is.


Protect your Bitcoin from SIM swaps with Efani: a Casa partner in the spotlight

Your security is only as strong as your weakest link. While Casa helps you protect your bitcoin long-term with multisig, there are other layers of your security that you need to guard and your phone number is one of them.

SIM swaps are a nasty threat for crypto investors, where a hacker can trick your carrier, hijack your phone number, bypass your 2FA, and drain your important accounts, including exchanges. But Casa’s newest partner Efani can help you stop them.

Efani’s 11-layer client authentication protocol and mandatory 14-day cooling-off period provide extensive protection against unauthorized port-out requests. Now Casa members can lock their number with a discount on an Efani membership. Get yours now.

Protect your Bitcoin from SIM swaps with Efani: a Casa partner in the spotlight

Have you blocked your phone number? Casa has partnered with Efani to help you protect your bitcoin from SIM swap attacks on your secured mobile devices.


Get updates straight to your inbox

Want to learn how to secure your bitcoin and other parts of your life? Our weekly Security Briefing helps you stay up to date on the latest developments in security, from hacks to exciting new technology. Sign up below.

Read more posts from this author