social engineering

A little over ten years ago, an anonymous developer known only as Satoshi unleashed an unstoppable new form of money into the world. In the years that followed, that invention spread, grew, and garnered global influence, reserving a space on the balance sheets of major corporations while knocking sternly at the door of printer-happy central banks. It’s this same controversial nature that has led many to acknowledge that Satoshi’s decision to remain anonymous may in fact have been one of the great gifts imparted to his technology.

Removing a central figure as a fulcrum of influence, for better or worse, allowed the technology to function independently as intended. Increasingly, however, more and more founders, online personalities, educators and others are choosing an anonymous identity – not only for the protection it may proffer their ideas, but for the personal safety it also provides.

Being an “Anon”: The Benefits and the Trend

In an increasingly online world, a personal identity can be a target – names, email addresses, locations and other identifiers are all easily exploitable by other anonymous actors. Duplicate accounts and impersonation are objectives easily accomplished with a name and email. With the connection of a name and email to other sensitive information, such as passwords, risks like identity theft and blackmail begin to loom large. While often this level of access is due to a data breach at some major company with a long list of such info, proffering personal information freely online doesn’t help. Additionally, the increase in “doxxing” of online personalities whose ideas may run contrary to others’ beliefs – or simply have rubbed some online troll the wrong way – is another very real reason for personalities to go dark.

The ability to express one’s opinions and ideas without the threat of asymmetrical personal repercussions is becoming increasingly desirable or even necessary in a polarized world. These factors, independently or combined, have given rise to credible anon. Today, community members and creators are often able to legitimately build, lead and educate from behind the lines of an avatar. The acceptance of credentials from accounts behind even the names of comic book heroes or other mythical characters happens via the vetting of their content, rather than character, and has often even earned these anons a place in the upper echelons of internet influence.

Bad Actors

It’s not to say that anonymity doesn’t work both ways. While anonymity is a tool being increasingly used by credible sources, it also still remains a shroud to those who prefer to lurk in the shadows, circumventing accountability. The same protection offered to those who might share simply opposing or unconventional views can also be used to spew unwarranted vitriol that would never see the light of day under public circumstances. Likewise, anonymity offers easy cover for scammers, shills, and “developers” of new and unknown but sure-to-be-huge projects, selling the snake oil of the next big thing and then disappearing into oblivion without repercussion. It stands to reason that in an anonymized world, critical thinking, level-headed judgment and personal responsibility play an even greater role. However, the layer of mystery anonymity provides can make distinguishing between bad actors and legitimate anons more challenging.

Navigating Anonymity

When is it necessary to know the character of a person, and when is it enough to rely on the quality of their content? Some of the most respected names in business history have gone on to steal their customers’ funds. A public persona and even proven track record are not necessarily always enough to judge the outcome of an endeavor. However, these same aspects are nonetheless an important measuring stick in due diligence. Particularly with investments, the outcome of the project remains to be seen – and the character of the founder becomes a greater factor in decision making. At a minimum, a point person reduces the risk of the same absconding with funds or being able to escape responsibility entirely in the event of gross negligence. An anonymous founder, meanwhile, doesn’t have to be a red flag – many projects can and do benefit from the absence of a central figure. However, even Satoshi’s brilliant brainchild, as the product of an anon, had to work seamlessly for almost a decade before it earned the attention of major investors. Other types of projects rely less on trust. Endeavors like analysis and opinion, other forms of content creation and even sometimes reporting, offer a greater opportunity to be immediately vetted, discredited, discussed or accepted. The nature of content as a product itself requires less reliance on unknowns like future promises or the persona of the author themselves. While discretion plays a role in any online activity, content provided is intrinsically less opaque than contracts based on character when it comes to anonymous sources.

Anonymity is a double-edged sword that provides protection to whoever wields it. The rise of the anon may mean the distinction between criminal tactics and those used in service of discretion blurs, with future parameters for what justifies suspicion versus what constitutes privacy potentially becoming battlegrounds. However, just as attackers have historically used anonymity as a veil with which to protect themselves, it stands to reason that anonymity is a tool now being used by credible sources – from innovators to educators and more – in order to mitigate such attacks and remove both themselves and their ideas from becoming targets. As more people’s lives go online, being an “anon” can provide personal safety on the web, as well as allowing the focus of someone’s work to be exactly that.

GoDaddy, the world’s biggest domain name registrar, admitted that a number of its customers’ domain names, including several prominent cryptocurrency firms, had been modified after some of its employees fell for a social engineering scam. The US publicly traded internet domain registrar and web hosting company is the latest victim to suffer security attacks caused by scams targeting employees.

The cyber attackers used a phishing campaign involving email usage tricked GoDaddy employees to click a malicious link/file and consequently revealed ownership and or control over targeted domains to fraudsters.

The latest phishing campaign started on November 13 with an attack on the Liquid.com cryptocurrency trading platform.

Liquid CEO Mike Kayamori said:

“A domain hosting provider ‘GoDaddy’ that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor. This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.”

On November 18, NiceHash cryptocurrency mining services also discovered that some of the settings for its domain registration records at GoDaddy were changed without authorization, shortly redirecting email and web traffic for the site. NiceHarsh, therefore, froze all customers’ funds for about 24 hours until it was able to verify that its domain settings had been back to their original settings.

Matjaz Skorjanc, NiceHarsh founder said that attackers made unauthorized changes from an internet address at GoDaddy and attempted to use their access to its incoming NiceHarsh mails to perform password resets on multiple third-party services including GitHub and Slack.

Skorjanc said:

“We detected this almost immediately [and] started to mitigate [the] attack. Luckily, we fought them off well and they did not gain access to any important service. Nothing was stolen.”

Many other cryptocurrency platforms also might have been targeted by the same group including Wirex.app, Celsius.network, and Bibox.com. However, these firms have not responded to the request for comment.

Dan Race, GoDaddy spokesperson, said:

“Separately, and unrelated to the outage, a routine audit of account activity identified potential unauthorized changes to a small number of customer domains and/or account information […]Our security team investigated and confirmed threat actor activity, including social engineering of a limited number of GoDaddy employees.”

Race mentioned that they immediately locked down the accounts affected in such incident, reverted changes that occurred in those accounts, and helped the affected customers to regain access to their accounts. Race further stated that as malicious actors become increasingly aggressive and sophisticated in their attacks, GoDaddy is constantly educating its employees about new tactics which may be utilized against them and adopting new security measures to prevent future attacks.

Cryptocurrency Scams Becoming Rampant

In late October this year, US President Donald Trump’s 2020 Presidential Campaign website was compromised in an attempt by cyber hackers to gain crypto funds. Cryptocurrency scams are nowadays a popular way that bad actors use to trick people into revealing sensitive data and sending money.

Such scams pop up in several ways like appearing as emails trying to solicit business and investment opportunities or online chain referral schemes. Scammers use such attractive opportunities to entice people including employees, investors, and consumers. Since it is difficult to distinguish scams from legitimate services, it is advisable for people to be cautious, know how to identify potential scams, and avoid falling into victims.