Blockchain security firms are cautioning crypto projects and investors about the looming threats of more sophisticated AI-powered scams in 2024.
Despite the improvement seen in scam and hack-related losses, dropping from $4 billion in 2022 to $1.7 billion in 2023, experts that Cointelegraph spoke with for a recent article warned that the nature of scams is evolving, necessitating increased vigilance.
Jesse Leclere, an analyst from on-chain security firm CertiK, highlighted the growing sophistication of phishing attacks, saying that they may not only target individual users but also corporate systems.
The recent Ledger Connect exploit on December 14 is an example of such an advanced attack.
In the article, Leclere noted that so-called generative AI is expected to play a crucial role in making phishing scams more convincing by automating operations and creating realistic fake calls, videos, and messages tailored to crypto users.
Additionally, Leclere said cross-chain bridges will continue to be a focus in 2024 as the sector adopts more cross-chain solutions, saying the bridges may become attractive targets for attackers exploiting vulnerabilities arising from interactions between different chains.
Cross-chain bridges are already among the crypto protocols that have been exploited the most by hackers, with one recent example being the $126 million Multichain hack in July 2023.
Another day another hack.
This time $126M stolen.Multi chain bridge wallets on Fantom got hacked.
Would recommend getting funds out of Fantom.
If you have USDC or ETH there convert them to FTM and try to sell in a CEX.
— JohnnyTime 🤓🔥 (@RealJohnnyTime) July 7, 2023
AI-generated ‘deep fakes’
Jenny Peng, a research analyst from 0xScope, added that AI could also be utilized to generate realistic “deep fakes,” posing a threat to crypto users.
Specifically, Peng pointed to the Bitcoin-based BRC-20 ecosystem, saying she expects it to receive increased attention from hackers in 2024 due to a relative lack of developments in security.
As a recent example of a BRC-20 scam, Peng mentioned the double-spend exploit targeting the BRC-20 UniSat wallet in early 2023 as evidence that the ecosystem needs to rapidly evolve its infrastructure.
A few hours ago, UniSat Marketplace, which just launched, experienced a large number of double-spend attacks due to a vulnerability in our codebase.
During our testing last week, we simulated different approaches to double-spend attacks and made improvements and enhancements to…— UniSat Wallet – Store, Inscribe and Search. (@unisat_wallet) April 24, 2023
Scammers becoming more sophisticated
Also commenting in the article, Phil Larratt, Director of Investigations at blockchain intelligence firm Chainalysis, added a note of caution, predicting that illicit actors will grow more sophisticated in their tactics and techniques.
He said he expects increased adoption of privacy coins, bridges, mixers, and obfuscation tools by scammers, and emphasized the need for intensive law enforcement investigations, advanced fraud protection programs, and continued partnerships between the public and private sectors to counteract these evolving threats.