Following the news that the criminals are targeting Reddit users with a drive-by malware attack to empty cryptocurrency wallets (original Reddit thread), Brian Laing, VP at Lastline commented below.
Brian Laing, VP at Lastline:
“Reddit uses very basic authentication measures – just username and password. It was never intended as a place to shield financial access which the introduction of BitCoin repositories has now effectively done. There is no second factor to the authentication steps making even simple, brute force attacks possible. Reddit/Bitcoin Wallet are likely targets for these reasons.
“We have seen many similar hacks dating back some years, but not specific to Reddit per se. As long as hackers continue to see positive results in the Reddit community exploit, we would expect to see this continue.
“Advice to users would be to separate social applications which are not multi-factor protected from any financial access tools and not click on any link sent to you unless you know both who sent it and whether the link is authentic. If the use cannot predetermine both pieces of information without executing the link/file, then discard.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…