Cryptocurrency has emerged as an alternative to centralized banking that aims to give users more control over their personal data and finances. However, as billions of dollars have flowed into cryptocurrencies and non-fungible tokens (NFTs), scammers and hackers have targeted users to steal funds – particularly as coins and tokens are stored remotely in digital wallets hosted on blockchain networks that can be vulnerable to digital hacks.
Cryptocurrency users and investors must be aware of the risks and take precautions to safeguard their money just as they do when handling physical cash or online transactions.
After several high-profile hacks and scams have hit the headlines, the average consumer is skeptical of digital currencies. Three-quarters of Americans who have heard about cryptocurrency do not trust the current ways to invest in, trade, or use them are reliable and safe, according to a survey conducted by Pew Research Center.
One way that malicious attackers gain access to crypto funds is by creating apps and websites that appear to be legitimate but contain malware and are designed to lure unsuspecting users into clicking on infected links. When users access the site or install the app, they unknowingly install malware on their device.
Hackers may use ransomware to demand payment to relinquish control of the user’s wallet or data, or they may use the victim’s device to mine cryptocurrency, affecting the device’s processing capabilities and compromising their personal financial data.
These hackers are not affiliated with the crypto brands and products they use to lure victims. But they tend to use some crypto names and terms more than others. This creates the risk that when crypto enthusiasts or individuals interested in researching to find out more about certain legitimate search terms, they can be caught out and fall victim to malware or other security risks.
Top 10 Riskiest Crypto Search Terms
- UNUS SED LEO
- Rocket Pool
- The Graph
Note: This list has nothing to say about the legitimacy and safety of individual projects – these are the ones that scammers are targeting in the same way they may pretend to be your bank or favorite shopping site.
Coin Kickoff analyzed over 28,000 URLs to see which crypto terms most commonly lead to malware or other security risks, highlighting the risk of following crypto-themed search results without due care.
Coin Kickoff created a list of search terms for different categories: coins, wallets, exchanges, metaverse coins, and NFTs. Each term was searched on Google, and the first five pages of results were analyzed with the Sucuri Malware Detection Tool, recording the threat level for every URL. The terms were then ranked by the percentage of URLs tagged as a medium security risk or worse.
Some of the crypto-related search terms with the most potential malware linked in the results include:
- Riskiest cryptocurrency: Stellar, with 37.97% of search results flagged for potential malware.
- Most dangerous exchange-related term: Coinsbit, with 40.40% of results flagged.
- Riskest NFT collection to search: Dreadfulz, with 51.92% of results flagged.
- Most dangerous crypto wallet search results: Jaxx Liberty, with 46.24% flagged.
- The most dangerous crypto mining term: OXBTC, with 50.62%.
- Most dangerous metaverse coin to search for: Biswap, with 42.70%.
Stellar is a blockchain network that facilitates holding multiple cryptocurrencies and has its own coin, Stellar Lumen.
According to CoinKickoff:
“The rising profile of this versatile platform has drawn the attention of hackers, including those who targeted Lumen holders in a phishing attack in 2021 by sending emails advertising a ‘staking event,’ which linked to a convincing but fake version of the Stellar website,” .
Other cryptocurrencies with a high percentage of search result URLs containing potential malware include Aave (35.71%), Unus Sed Leo (33.59%) and Cronos (31.75).
While a search for Jaxx Liberty returned the riskiest results for a cryptocurrency wallet, the wallet is gradually being retired, and its underlying infrastructure will be used for Andiami: The Quest for Liberty, a new cryptocurrency hub based around a virtual game. The second-placed Digifox platform was also closed following ongoing technical and security issues.
Top 10 Riskiest Crypto Wallet Search Terms
- Jaxx Liberty
Note: This list has nothing to say about the safety of legitimacy and safety of individual wallets – these are the ones that scammers are targeting in the same way they may pretend to be your bank or favorite shopping site.
There is a significant overlap between cryptocurrency holders and the users of virtual worlds such as Decentraland and Sandbox. This makes metaverse-based cryptocurrency particularly attractive to scammers.
“The Metaverse combined with Web3 allows people to be more anonymous than ever,” notes Jim Lee at the Internal Revenue Service Criminal Investigations unit. Metaverse coins with high-risk search results include Biswap and the relatively well-considered Efinity Token, as well as Ethernity Chain, RichQUACK.com, and XYO.
Top 10 Riskiest Metaverse Search Terms
- Efinity Token
- Ethernity Chain
- Mines of Dalarnia
- Alethea AI
- Star Atlas DAO
- UFO Gaming
Note: This list has nothing to say about the safety of the legitimacy and safety of individual metaverses – these are the ones that scammers are targeting in the same way they may pretend to be your bank or favorite shopping site.
While the buzz around NFTs has fizzled out, a base of NFT investors and enthusiasts remains a target for hackers. Over half of the searches made for the villainy-themed Dreadfulz collection are flagged as risky by the Sucuri Malware Detection Tool.
Top 10 Riskiest NFT Search Terms
- Sproto Gremlins
- Redacted Remilio Babies
Note: This list has nothing to say about the safety of the legitimacy and safety of individual NFT projects – these are the ones that scammers are targeting in the same way they may pretend to be your bank or favorite shopping site.
Coin mining is at the heart of the cryptocurrency economy as this is how units of currency are created. This also makes it attractive for hackers to exploit.
Users searching for terms related to crypto mining software may consider installing new software on their devices, which plays into the hands of malicious attackers spreading malware. Crypto mining search terms are among the most dangerous in CoinKickoff’s study – around two-fifths to half of the results returned by the ten most dangerous mining programs are risky, with Chinese brand OXBTC the most exploited.
Top 10 Riskiest Crypto Miner Search Terms
- Etherpools network
- Cudo Miner
Note: This list has nothing to say about the safety of the legitimacy and safety of individual mining services – these are the ones that scammers are targeting in the same way they may pretend to be your bank or favorite shopping site.
The high volatility in cryptocurrency markets makes it attractive to traders looking to capitalize on volatility to “get rich quick”, and crypto is often associated with a sense of urgency to avoid missing out on the next big rally. This can lead new users and investors to act hastily during preliminary research or while making transactions. However, exercising caution and not clicking on any link without considering whether it is legitimate is essential.
To reduce the risk of your devices becoming infected with malware when searching crypto terms, take some of these precautions:
- Keep updated security software on every device.
- Monitor the permissions on your devices to prevent other users from installing malware.
- Only download files from websites with an authentic certificate.
- Be wary of sites promising crypto offers that appear too good to be true – they probably are.
Keep in mind that the crypto terms identified are not risky per se, but malicious agents may piggyback on their names to gain access to your system and your cryptocurrency.
The rise of cryptocurrency offers the potential of a new way to handle our finances, but with this evolution, a new target for malicious attacks has emerged. Hackers prey on unsuspecting users searching for crypto-related terms through deceptive websites, malicious apps, and cleverly disguised malware.
These are not connected to legitimate cryptocurrencies or platforms but use crypto-related search terms to lure in their victims and steal their data or funds. By remaining vigilant to only click on links for official websites and other trusted sources, users can reduce the risk of falling victim to search-based malicious attacks.