Tracking the Relentless Fish

One of my online cryptocurrency wallets has been periodically attacked by phishers:

Full Dataset

Insights

  • The first two login attempts, and one a month later, were mine:

    Entry #1 in United States on 30 Apr 2017, 17:12
    Entry #2 in Hong Kong     on 17 Aug 2018, 03:09
    Entry #6 in Hong Kong     on 11 Sep 2018, 00:08
  • To mitigate these attacks, on 3 Aug 2018, 00:54 I registered for 2FA.

    In total, I was attacked 44 times from 10 Sept 2018, 23:39 to 15 Apr 2020, 17:25 (latest available data).
  • My wallet was brute-forced 19 times over the span of 4 and a half hours.

  • All attacks originated from a Windows-based operating system, running Chrome, besides some outliers.

    Entry #23 in Indonesia   on 22 Sep 2018, 21:07 used Windows 7
    Entry #25 in New Zealand on 23 Oct 2018, 21:47 used Windows 7
    Entry #27 in New Zealand on 23 Oct 2018, 21:47 used Windows 7
    Entry #28 in Malaysia    on 27 Nov 2018, 08:03 used Windows 8.1
  • Coincidentally, these attacks weren’t spread out, with all of them occurring in <60 seconds.

  • In 2019, my wallet stopped logging operating systems.
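
The observations above can be checked mechanically against an exported login history. The following is an added example, not part of the original post or the wallet's own tooling: it assumes entries in the line format quoted above, treats the countries of entries #1, #2 and #6 as the owner's, and works at the one-minute resolution the timestamps have.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: the four outlier entries quoted above, in the post's line format.
SAMPLE = """\
Entry #23 in Indonesia   on 22 Sep 2018, 21:07 used Windows 7
Entry #25 in New Zealand on 23 Oct 2018, 21:47 used Windows 7
Entry #27 in New Zealand on 23 Oct 2018, 21:47 used Windows 7
Entry #28 in Malaysia    on 27 Nov 2018, 08:03 used Windows 8.1
"""

LINE = re.compile(
    r"Entry #(?P<id>\d+) in (?P<country>.+?)\s+on "
    r"(?P<ts>\d{1,2} \w{3,4} \d{4}, \d{2}:\d{2})(?: used (?P<os>.+))?$"
)

def parse(text):
    """Turn 'Entry #N in COUNTRY on DATE, TIME [used OS]' lines into dicts."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip anything that is not an entry line
        ts = m["ts"].replace("Sept", "Sep")  # the post uses both spellings
        entries.append({
            "id": int(m["id"]),
            "country": m["country"],
            "time": datetime.strptime(ts, "%d %b %Y, %H:%M"),
            "os": m["os"],  # None when the line carries no OS field
        })
    return sorted(entries, key=lambda e: (e["time"], e["id"]))

def bursts(entries, window=timedelta(seconds=60), min_size=2):
    """Group time-sorted entries whose gap to the previous one is under `window`."""
    groups, current = [], []
    for e in entries:
        if current and e["time"] - current[-1]["time"] >= window:
            groups.append(current)
            current = []
        current.append(e)
    if current:
        groups.append(current)
    return [[e["id"] for e in g] for g in groups if len(g) >= min_size]

def unfamiliar(entries, known=("United States", "Hong Kong")):
    """IDs of entries from countries the owner's own logins never used (assumed list)."""
    return [e["id"] for e in entries if e["country"] not in known]
```

On the sample, `bursts(parse(SAMPLE))` groups entries #25 and #27, which share the same minute, and `unfamiliar` flags all four entries.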

Analysis

BTC prices were all at market open, with the data sourced from CoinMarketCap. Interesting to see the frequency of attacks with the rise in value. The gap between Dec-18 and Apr-19 is also quite telling.

Epilogue

  • Cold storage always; I don’t trust online platforms. Keep the trading capital separate from your main stash.

  • Servers in Malaysia tried 17 times to access my account.

  • Two countries could not be located based on the IP address.