Security issues in the cryptocurrency industry are particularly acute. Hackers and scammers take advantage of a relatively new, high-tech, and poorly regulated field. Entire teams of attackers exploit bugs in software code and use advanced social engineering techniques to take over other people’s assets. At Match Systems, we encounter a wide variety of hacker attack schemes, but the recommendations we can provide in case of a hack will look pretty much the same for both an average user and a Web3 project team.
So, if your cryptocurrency is stolen, act quickly and in an orderly fashion. Here are the basic steps you should take:
- Marking the stolen funds. First of all, you need to perform markup of the addresses the stolen assets were transferred to. This markup within the blockchain will prevent the attacker from moving the stolen assets further. Specialized services like Nansen are used for markup.
- Tracking transactions. Different blockchain explorers can be used to track the movement of stolen funds. This can help with further investigations. However, monitoring the movement of assets instantly using blockchain explorers is impossible, so we recommend using “beacons.” A specialized Telegram bot from Match Systems is available for this purpose.
- Contacting support. If cryptocurrencies were stolen from the exchange, contact its support team as soon as possible to report the issue. If “beacons” discovered that the attacker deposited funds on the exchange, you must immediately contact its compliance department to block the address that accepted the funds.
- Reporting to law enforcement. Immediately notify the local police or similar agencies to open a criminal case. You won’t get your funds back without law enforcement involvement, even if they’re blocked by the compliance department of the exchange.
Other steps and guidelines to follow:
- Change passwords. You can start with changing the passwords of all your existing crypto wallets and exchange accounts. Change the passwords of other critical accounts, such as email, in case attackers have gained access to your data through them. 2FA methods should be used whenever possible.
- Create a new wallet. If only a part of your money was stolen from your wallet, we suggest you transfer the remaining funds to a new wallet. Using the old one isn’t advisable.
- Install antivirus software. If you suspect that the funds were stolen due to malware or phishing, check your device for viruses or malicious software.
- Consider consulting with a lawyer. Depending on the amount of damage and the circumstances of the theft, you may need legal assistance.
- Consider storing assets in cold wallets. Cold wallets, such as hardware wallets, aren’t connected to the Internet and are considered one of the safest methods of storing crypto.
Web3 technologies give users full control over their assets and data, but it comes with the full responsibility of keeping them safe. Therefore, you should regularly brush up on your knowledge in this area and monitor new threats and ways to prevent them.
If the hack still occurs, it’s best to contact professionals immediately. Every minute counts. The sooner the work begins, the higher the chances of recovering at least part of the stolen funds. This primarily concerns business representatives who manage both their own and client funds.