BTC dominance: 52.52% • ETH Gas: 13 / 13 / 16
RecentCoin RecentCoin
New coins deployed last 24h: +0
Visa uncovers the dark side of token bridges – What to know

Visa uncovers the dark side of token bridges – What to know

full version at cryptopolitan

Visa, one of the world’s largest payment processors, has released a report on payment fraud disruption in the past six months. The report revealed that threat actors have been using novel technologies and techniques to conduct fraudulent schemes, particularly in the area of transaction authentication.

The report also highlights the vulnerability of token bridges to theft, which has become a major concern for the cryptocurrency community.

Visa’s findings

One of the top threats in the consumer space is the use of social engineering to obtain card data or to take over an account. In many cases, threat actors claim to be an employee from the cardholder’s bank and ask for sensitive information.

These schemes often result in the compromise of one-time-passwords (OTPs), tokenized/one-time use PANs, or sensitive user account data such as bank login credentials (username/password).

Threat actors also use custom phishing kits that facilitate the bypassing of multi-factor authentication (MFA). These phishing kits employ the use of reverse proxies, allowing the fraudster to act as a man-in-the-middle (MiTM) between the legitimate consumer and the legitimate website.

This approach presents the legitimate website to the consumer and operates as an invisible intermediary, which decreases suspicions from the consumer.

The actor can then harvest any information that is entered into the website by the consumer, including OTPs, usernames, passwords, and session cookies.

Threat actors exploit token bridges to steal millions

Visa’s report shows that token bridges have become a favored target for thieves in 2022. The report identified techniques such as social engineering, advertising fraud, bots, and phishing kits used to obtain OTPs from cardholders, issuer-targeted malware to access and change customer contact details, and the use of social engineering to conduct token fraud.

The report also highlights an incident in late March 2022, in which an organization was attacked by threat actors who used an unidentified malware variant to infect user endpoints.

The actors eventually moved laterally in the victim’s environment and compromised the credentials for an administrative user of a mobile banking application portal.

This access was then used to edit the contact information of specific customers, as well as increase the limits on the customer accounts. The information changed included mobile device numbers, which enabled the threat actors to bypass one-time-password (OTP) authentication, as the OTPs were sent to the new mobile devices.

The actors used the increased account limits and changed customer information to monetize their illicit access through fraudulent funds transfers in a short amount of time.

Similar tactics, techniques, and procedures (TTPs) are often utilized by actors to conduct ATM cashout attacks, by deploying malware on a victim issuer network, accessing the cardholder data environment, and increasing limits on a select number of payment accounts.

These accounts are then used by mule networks to withdraw significant amounts of cash from ATMs. Additionally, threat actors use similar methods to take over a customer account and change contact information, which enables the threat actors to bypass OTP authentication during a transaction.

Threat actors are using increasingly sophisticated methods to conduct fraudulent schemes, and the vulnerability of token bridges has become a major concern for the cryptocurrency community.

DeBank.com spLP profile by cryptopolitan

Recent Crypto News

Akıllı Para Bu 3 Altcoin’e Aktı! İşte Yağdırılan Rakamlar
Akıllı Para Bu 3 Altcoin’e Aktı! İşte Yağdırılan Rakamlar
Added 1 month, 2 days, 10 hours, 56 minutes, 36 seconds ago by coin-turk
Defunct FTX and Alameda banned from crypto trading in $12.7 billion CFTC settlement
Defunct FTX and Alameda banned from crypto trading in $12.7 billion CFTC settlement
Added 1 month, 2 days, 10 hours, 56 minutes, 38 seconds ago by cryptoslate
Gmx Launches SHIB Perpetual Futures Market on Arbitrum
Gmx Launches SHIB Perpetual Futures Market on Arbitrum
Added 1 month, 2 days, 10 hours, 56 minutes, 39 seconds ago by en.coinotag
XRP Surges 19% After Partial Victory for Ripple, but the Case May Not Be Over
XRP Surges 19% After Partial Victory for Ripple, but the Case May Not Be Over
Added 1 month, 2 days, 10 hours, 56 minutes, 40 seconds ago by cryptoglobe
XRP and Shiba Inu (SHIB) Show Unusual Correlations Amid Market Rebound
XRP and Shiba Inu (SHIB) Show Unusual Correlations Amid Market Rebound
Added 1 month, 2 days, 10 hours, 56 minutes, 42 seconds ago by en.coinotag
Vitalik Buterin Introduces Massive Ethereum Update: Details
Vitalik Buterin Introduces Massive Ethereum Update: Details
Added 1 month, 2 days, 10 hours, 56 minutes, 43 seconds ago by u.today

Recent conversions

7000 PKR to CHF 0.0025 ETH to CHF 40 ETH to NZD 0.00019 BTC to AUD 200 DOGE to BTC 20 BCN to CZK 0.7 SOL to NOK 1 KRW to VND 0.0044 BTC to USD 100 BCN to EUR 5000000 KRW to NZD