Reports in the past few weeks detail that bad actors are targeting two privacy coin projects, Monero and Zcash, adding to concerns about the growing rate of security incidents involving blockchain networks. Such incidents, as well the repeated 51% attacks on the Ethereum Classic network or the Electrum wallet breach, suggest criminals are becoming more sophisticated.
Still, bad actors sometimes use less sophisticated methods and appear to get away with it. For instance, the security breach targeting Monero users emerged after scammers created a fake Mymonero android app URL.
In a post on Reddit urging users to ignore the fake link, Monero developers claimed this to be the work of the “same group of scammers that have been targeting Myetherwallet since at least 2016.” According to these developers, “every time it gets reported (the fake Myetherwallet) and taken down, they manage to come back up again.”
Explaining why they issued an alert, the XMR Core team believes its “very likely that the app can be used to steal user’s funds” and is thus urging users to “report the fake web address to Google.”
Meanwhile, another privacy-focused crypto, the Zcash project appears to have been targeted as well after attackers created a fake Twitter account, according to Tim Ismilyaev, CEO and Founder at Mana Security.
According to Ismilyaev, “the account (which now boasts more than 6,000 followers) even publishes information about fake distributions of the crypto and contains Ethereum addresses for fundraising.”
Explaining why the privacy coins are apparently getting targeted now, the Mana Security founder says for criminals, this is more logical than aiming for bigger coins.
“The key reason for this is the simplicity to get to the top-3 positions in search results. It’s
