Rising Threat of Overlay Attacks Endangers Crypto Users, Warns Security CEO

A new type of cyberattack known as "overlay attacks" is posing a significant threat to crypto users, according to Asaf Ashkenazi, CEO of cybersecurity firm Verimatrix. These attacks involve creating a fake interface on a user's device to trick them into entering sensitive information, such as usernames, passwords, and two-factor authentication (2FA) codes. The attacker then uses this information to gain access to the user's actual accounts.The process begins with the user downloading a seemingly harmless app, often disguised as a game or other fun application. This app functions normally, which prevents users from suspecting it to be malicious. When the user opens a target app, like a crypto exchange or bank, the malicious app creates an exact replica of the interface. The user unknowingly enters their credentials into this fake interface, which the attacker captures and uses to access the real app.Ashkenazi noted that overlay attacks can bypass 2FA since the malicious app can capture the authentication codes entered by the user. He also emphasised that while non-custodial crypto wallets have not yet been targeted by such attacks, they remain vulnerable because the attacks occur on the user's own device, which holds the wallet's private keys.To mitigate these risks, Ashkenazi recommends users be cautious of apps that appear too good to be true, avoid granting unnecessary permissions, and consider using separate devices for children's games to prevent accidental downloads of malicious apps. Additionally, he suggests that centralised services implement monitoring systems to detect and block overlay attacks.