Following the news that the criminals are targeting Reddit users with a drive-by malware attack to empty cryptocurrency wallets (original Reddit thread), Brian Laing, VP at Lastline commented below.
Brian Laing, VP at Lastline:
“Reddit uses very basic authentication measures – just username and password. It was never intended as a place to shield financial access which the introduction of BitCoin repositories has now effectively done. There is no second factor to the authentication steps making even simple, brute force attacks possible. Reddit/Bitcoin Wallet are likely targets for these reasons.
“We have seen many similar hacks dating back some years, but not specific to Reddit per se. As long as hackers continue to see positive results in the Reddit community exploit, we would expect to see this continue.
“Advice to users would be to separate social applications which are not multi-factor protected from any financial access tools and not click on any link sent to you unless you know both who sent it and whether the link is authentic. If the use cannot predetermine both pieces of information without executing the link/file, then discard.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…