Blockchain Technology Vulnerabilities User Wallet Attack Training Ppt

Slide 1

This slide illustrates the concept of user wallet attack in the blockchain. It also explains that the hacker executes cyberattack to steal credentials from the blockchain users. It also explains the different user wallet attack types such as phishing attack and dictionary attack. In phishing attack, malicious hackers send messages/emails pretending to be big organizations. Phishing messages make people do activities like installing malicious files from which the hackers can access their credentials. In dictionary attack, hackers use every possible word in the dictionary to crack the password. These attacks are successful when the hackers use ordinary words as passwords.

Instructor’s Notes:

The different types of user wallet attacks are as follows:

Types of phishing attacks are as follows:

Email Phishing:

• It is the most common type of phishing attack that hackers use to send emails to different users, informing them about security issues in their accounts
• Users sometimes panic and respond to these emails by clicking on the links provided and ends up losing money

Spear Phishing: 

Whaling: 

Smishing: 

Vishing: 

Search Engine Phishing: 

• In this type of attack, hackers use SEO engines to trick organizations 
• Hacking the SEO search list and getting on the top of the list when an organization or individual clicks on their link displayed within the search engine, the link gets the individual directly to the hacker’s website
• The hackers then hack the important information from different organizations such as banks, money transfers, social media, and shopping sites

Types of Dictionary attacks are as follows:

• Brute Force Attack: This attack uses a trial-and-error method to guess login passwords, encryption keys, or find a hidden web page. The hackers work on all possible combinations to find the correct combination
• Hybrid Attack: This type of attack is the same as a dictionary attack, but in such an attack, hackers add some numbers and symbols to words from the dictionary and try to crack the password
• Syllable Attack: This type of attack is a combination of both brute force attacks and hybrid attacks. This attack is done when cracking any password with no word but rather based on characters and syllables
• Rule-Based Attack: This type of attack is a programming language coded to generate candidates' passwords

Slide 2

This slide showcases the different user wallet attacks in the blockchain such as vulnerable signatures and flawed key generation. The vulnerable signatures attack explains that the digital signature cryptographically links a user to a particular message/agreement in the blockchain. The signature is referred to as private key. The private key is essential in the blockchain during the process of transaction. In flawed key generation, the public key can be generated by using RSA algorithm to encrypt sensitive data and transactions in the blockchain.

Slide 3

This slide showcases the hot and cold user wallet attacks on the blockchain network. It explains that the cold wallet is not connected to the internet. It is not easy to hack as it is offline, and hackers have limited access to the funds in the wallet. The hot wallet is connected to the internet. The hot wallets are comparatively easier to hack as they are online and are vulnerable to hackers.

Slide 4

This slide showcases multiple recent attacks on blockchains such as Easyfi, Ascend EX, Polynetwork, Bitmart, Badger, Bzx, Vulcan Forged, Cream, Boy x highspeed, and Liquid.

Slide 5

This slide showcases multiple ways in which blockchain users can prevent a user wallet from multiple attacks. This slide also discusses ways such as: using a cold wallet or using a secure internet wallet, maintaining multiple wallets, securing personal devices, changing password regularly and not being phished.

Instructor’s Notes:

Different measures taken to protect user wallet attacks are as follows:

Use a Cold Wallet:

Use Secure Internet:

• It is important to use a private, secure internet connection while trading or making crypto transactions in blockchain network
• Moreover, while using a home network connection, use a VPN for additional security to avoid any hacking activity
• VPN helps keep the internet network secure by changing the IP address and location and keeping your blockchain network activity safe and private from hackers

Maintaining Multiple Wallets:

• In blockchain network, participants should use only one wallet as the main wallet to do daily transactions and keep the remaining wallets separate
• This will keep the data secure and away from any security breach or attack

Secure Personal Device:

• Keeping all personal devices secure with the latest antivirus software is essential to defend the system against new vulnerabilities
• Use a strong antivirus software to improve the security of devices to prevent hackers from hacking the devices

Change Password Regularly:

• It is important to put a strong password in the blockchain network to keep it secure from attackers
• Keep the password strong and complex, and change it regularly, then it is difficult to guess
• In the case of multiple wallets, use separate passwords to keep the data secure

Don’t Get Phished:

• Phishing scams via malicious ads and emails are common in the blockchain network
• Warn all nodes in the system against clicking any unidentified link while making crypto transactions in the blockchain network