Blockchain security firms are cautioning that the coming year will see a rise in sophisticated AI-driven phishing scams and a variety of smart contract vulnerabilities targeting crypto investors.
Advanced AI Scams and BRC-20 Exploits in 2024
Jesse Leclere, a blockchain analyst from CertiK, spoke with Cointelegraph about the evolving nature of phishing scams. He warned that these scams are not only becoming more sophisticated but are also targeting both individual users and corporate systems using tailored social engineering tactics specific to the crypto context. The use of generative AI is expected to enhance the effectiveness of these scams, creating more convincing fake calls, videos, and messages.
Jenny Peng, a research analyst from 0xScope, also foresees AI playing a major role in generating realistic “deep fakes” to deceive crypto users. Furthermore, she anticipates increased hacker focus on the BRC-20 ecosystem due to its current security shortcomings, as exemplified by the early 2023 double-spend exploit on the BRC-20 UniSat wallet.
Concerns Over Cross-Chain Bridges
Leclere pointed out that cross-chain bridges, already a critical concern in the industry, will continue to be vulnerable in 2024. As the industry leans towards cross-chain solutions for better interoperability, these protocols may become prime targets for attacks, exploiting complexities in interactions across different protocols and chains.
The $650 million Ronin bridge hack, one of the largest in the sector’s history, exemplifies the risk associated with bridge exploits. Leclere believes that without significant security enhancements, such issues will persist into 2024.
Increased Sophistication in Evading Detection
Phil Larratt, director of investigations at Chainalysis, added that illicit actors are likely to use more advanced methods to conceal their activities. As traditional organized criminals and financial crime actors increasingly adopt crypto, they are expected to use privacy coins, bridges, mixers, and other obfuscation tools more effectively.
Larratt emphasized the need for more intense law enforcement investigations, enhanced training and knowledge sharing, advanced fraud protection programs, and continued public-private partnerships to combat these evolving threats. He predicts that with the growing expertise of security firms and law enforcement, the next generation of scammers will likely employ these sophisticated methods to evade detection.