Cryptocurrency Fraud , Fraud Management & Cybercrime , Video

How to Carry Out a Crypto Heist - Part 1

Web3 Expert Delves Into the Mind of a Hacker and Tells How to Be One Step Ahead
Martin Derka, head of new initiatives, Quantstamp

Threat actors are targeting Web3 and making off with billions in stolen cryptocurrency, and they are using cryptocurrency mixers and blockchain bridges to launder money gained by ransoming thousands of businesses and government agencies.

See Also: Cyber Defense: What Are We Missing?

How do the criminals find vulnerabilities and plan and execute attacks? How can organizations defend against such attacks? How can you use that information to mitigate and recover from a breach?

Martin Derka, head of new initiatives at Quantstamp, a Web3 security company, says you need to get into the mind of a hacker.

Timing is everything with hackers, he says. They attack when "nobody is looking and everybody is busy," including during holidays and cybersecurity conferences and if all else fails, in the middle of the night, he says.

In Part 1 of this interview with Information Security Media Group, Derka discusses:

  • The prevalence of smart contract exploits and the limitations of code auditing;
  • How to pick the right auditor for different projects;
  • Cybersecurity best practices for Web3 platforms.

In Part 2 of this two-part interview, Derka discusses what a Web3 hack incident response should look like, how to address hard-to-solve issues such as the Profanity vulnerability, and why criminals are finding it harder to cash out stolen funds, especially in light of the U.S sanctioning crypto mixers such as Tornado Cash.

Derka helps Quantstamp secure projects prior to deployment and support crisis management in the aftermath of an exploit. He has years of experience in the development of smart contracts and platforms built on Ethereum, specializing in decentralized finance security and economic manipulations.


About the Author

Rashmi Ramesh

Rashmi Ramesh

Assistant Editor, Global News Desk, ISMG

Ramesh has seven years of experience writing and editing stories on finance, enterprise and consumer technology, and diversity and inclusion. She has previously worked at formerly News Corp-owned TechCircle, business daily The Economic Times and The New Indian Express.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.