Cybersecurity at ETHLend
Since the dawn of the internet, hackers have been playing a big role in how we interact with the internet. Cautiousness when; visiting websites, receiving e-mails and downloading files. These precautions are for human related errors. Although they are important, having up-to date software is just as important. We at ETHLend are aware of these dangers, and that’s why we are actively helping to prevent it, and help people to be alert. After all, preventing is better then fixing.
When it comes to cryptocurrency, cybersecurity is of high importance. When you browse the latest ICO news, you’re bound to see some articles about ICO’s getting hacked. To prevent this, the team has to actively take care of their security. Not for themselves, but mostly for the investors who put their trust in a project. Therefor it is more than logical to invest time and effort in security related issues.
Incidents happen, but luckily these events draw attention to possible security issues in ICO’s. Some security risks are human errors, and some are back-end errors.
The reason phishing still exists, is because a malicious attacker “phishing” with a ratio of 1:10000 people is still profitable. A lot of these attacks are not targeted at a specific person or group, they’re mass-mailed. A lot of these e-mails are obtained from breached databases.
What can you do:
The sender of the e-mail can be spoofed, to be 100% certain it’s a legitimate e-mail you can identify any link the e-mail contains.
Paste the copied link, the example above results in: http://ethlend.evil/tokensale
Slack bot phishing
In the world of cryptocurrency, slack is a popular way of communication. Sadly, there will always be people with bad intend. A common way of exploitation on slack, is the misuse of the slack bot reminder function. Just be cautious with links from the slack bot.
Sometimes the sales page of the ICO gets altered duo an exploit in the website / server. This responsibility lays with the team behind an ICO.
In this attack, the attacker targets the individual who has access to the web-server by either using phishing mails, infecting him/her or any other human-error related methods.
When the software isn’t up-to-date, it might result in a breach. There are known vulnerabilities impacting certain versions in software. There is also a possibility that custom software gets implemented which can also contain vulnerabilities. An exploit will result in the attacker having access to edit files on the website.
What does this mean?
When an attacker has the ability to edit files hosted on the web, he/she can edit the ICO address. That’s why it’s important to double check the address you’re sending funds to, using: https://etherscan.io .
We at ETHLend will be actively monitoring all activity during the ICO sale, we hold the security of our investors in high regard. Constant maintenance of the servers is the norm.
What can you do?
While we make sure our back-end is as secure as possible, you can alert the team through telegram when you’re receiving phishing e-mails or any other malicious related issues.
To keep track of news and updates, make sure to follow us on our social channels:
Subscribe to ETHLend Token Sale: https://about.ethlend.io/token-sale/
White Paper: https://github.com/ETHLend/Documentation/blob/master/ETHLendWhitePaper.md
Follow us & participate …
Discord (Latest news and voice chats): https://discord.gg/nKjsStv
DAPP Thread: https://bitcointalk.org/index.php?topic=2013399
Telegram General: https://t.me/ETHLend
Telegram Sprechen Sie Deutsch https://t.me/ETHLend_DE
Telegram ¿Hablas español https://t.me/ETHLend_ES
Telegram Parli italiano https://t.me/ETHLend_ITA
Telegram Говорите по-русски https://t.me/ETHLend_RU
BTCTalk ICO Thread: http://bitcointalk.org/index.php?topic=2090735.0;all
hey, I just upvoted you!
I was just going through a lot of white papers and I found that CoinLoan is quite an interesting project when compared to Salt and EthLend. I’ve covered it in a lot of detail at http://cryptoupdates.net/guides/coinloan.