ThreatSlayer: Web3 Security Q&A with CEO Rick Deacon
February 7, 2023
Learn about the most common techniques bad actors are using to rob you of your hard-earned crypto and how ThreatSlayer lets you in on them.
The ThreatSlayer browser extension is both an AI and community-based approach to fighting bad actors in crypto and browser-based threats in general. The team has worked hard at building this tool, but ultimately, being in the know is the best way to be on guard here.
All of us staying on top of the latest threats that degens and Web3 users are facing out there is part of how we make the app stronger and keep the pack safe. Read along so you get all the intel on some important Web3 security-related questions answered by Rick, our CEO.
Common Web3 Threats
First, let’s discuss what to look out for in Web3:
What are the top security problems for crypto and Web3 users right now?
The most prevalent security problems are all focused on social engineering:
Phishing attacks where attackers try to steal personal information or login credentials by disguising a malicious website as a legitimate one.
Malware infections which can steal personal information, funds or take control of a device.
Scams that take advantage of the hype around cryptocurrency and Web3 technologies to trick users into sending money or personal information.
Weak or compromised private keys which can lead to loss of assets.
Lack of 2FA which makes the user's account vulnerable to hacking.
Can you explain social engineering and how it relates to crypto and Web3 users?
Social engineering, simply, is the act of tricking someone into giving you something. Online, and especially in Web3, it's focused on convincing you that you need to click something immediately, or reset your password now, or perhaps sign a smart contract for an airdrop before time runs out. All the attacks are driven by convincing you out of your assets.
Can you explain some of these attacks and what users can do to prevent falling prey to them?
Phishing attacks: We’ve shared a guide on these. They can be prevented by paying attention to links, where they’re from and where they go. Furthermore, use ThreatSlayer to stop these links before you even notice.
Credential theft: This is where someone uses a phishing attack or malware to steal your logins and password to perform duties on your behalf - like transfer tokens. To prevent this, use multi-factor authentication (MFA) and use tools that block fake pages.
Impersonating blockchain sites: Pretty straightforward. These are fake sites pretending to be blockchain sites like Coinbase or Binance, for example — but it could be any! Then they’re used to trick you (social engineering) and steal your passwords (phishing). Use tools like our Bouncer and ThreatSlayer that block fake websites to prevent this.
Credit card phishing: This is phishing targeted to credit card users. It usually impersonates a credit card site. ThreatSlayer also blocks these!
Scam wallets: A scam wallet is a fraudulent crypto wallet that is designed to steal users' funds. Scammers often create fake wallets and promote them as legitimate, promising high returns or special features. These wallets may look and function like legitimate wallets, but they are actually controlled by scammers.
DeFi users (degens) are some of the prime targets for bad actors in the space. What are some of the ways in which they’re particularly vulnerable?
They’re more vulnerable than others due to the fact that new projects, tokens, and exchanges are frequently launched. They’re all offering new and better services and rewards, and people want to get in on it. They’re told to act quickly and they're all excited. This really sets them up to be targeted. That, coupled with the fact their wallets are easily accessible, sets them up for an attack.
What are some rules of thumb for how they can protect themselves?
Some rules of thumb to stay secure as a crypto holder:
Keep your private keys secure and do not share them. Use a hardware wallet for added security.
Be cautious of phishing attempts and do not click on any links or enter personal information unless you are certain the source is legitimate.
Use Two-Factor Authentication (2FA) and avoid public networks when accessing crypto accounts and sending transactions.
Always keep your software up to date.
What are some other security problems for crypto and Web3 users that you wouldn’t expect to hear about or are new to Web3-native audiences?
Smart contracts, which are essentially just code, are unique to Web3 but also contain malicious attacks like wallet draining or bait-and-switch tactics. These are signed when you log in to sites with your wallet, buy an NFT, or interact with almost any Web3 product. These are new and unique, and we at Interlock are always looking for solutions to help prevent these attacks from succeeding.
What technologies can be used to help prevent these or minimize the effect of these social engineering practices?
MFA, physical storage for private keys, self-custody hardware wallets, and ThreatSlayer!
How can you distinguish between a genuine threat and an innocent visual flaw or unconventional design?
We use a series of heuristics that help determine whether a website being visited is legitimate. Due to the nature of our work, we can’t share those heuristics but one is our AI threat detection.
Could an AI make these distinctions?
AI uses what it knows about what a website should be combined with many datasets we’ve used to train it, visually, that help determine if an imposter is impersonating another page.
The best way to fight security threats is by educating your audience about their practices. What are some of the possibilities that are uniquely enabled by Web3 in terms of crowdsourcing this intelligence?
Threat intelligence is usually siloed and kept away from other competitors in order to have a product advantage. That same intelligence is what powers security tools used by everyone. Therefore, it's extremely important that this data is shared and made accessible.
In Web3, we can gather communities of individuals ready to help battle threats and then utilize the data they create, and are rewarded for, to create an even more useful and larger dataset. This dataset, created by individuals, was not possible prior to Web3 due to the lack of collaboration.
How ThreatSlayer Helps
Let’s move on to some questions about ThreatSlayer, how it works, and how it can help users avoid these attacks:
What’s the reason behind launching enterprise security as a browser extension?
Almost every company, Web2 or Web3, is doing business within the browser - it’s the new OS and the attack surface for theft and phishing. We chose the browser extension because it gives us access to unique data and the ability to protect where no one else can.
What’s it like to use ThreatSlayer? Can users expect a similar experience to using other security extensions?
ThreatSlayer is incredibly easy to use and requires no setup. Just install it, and it immediately begins working in the background. If it detects that you're visiting a malicious site it will warn you and you can react accordingly.
How is it updated with the intel gathered by the community?
ThreatSlayer uses the latest feeds from a number of sources that track the emergence of malicious websites. Additionally, ThreatSlayer utilizes an AI classifier to detect novel sites.
Tell us about the upcoming crypto incentives for users who wish to contribute to ThreatSlayer’s intel database.
Users will be able to stake against the reputation of websites as being malicious or not, and will be rewarded for doing so.
How are ThreatSlayer users making the internet safer with Grey-area staking?
Users who help identify sites that we cannot accurately classify will help protect any site that evades ThreatSlayer's detection algorithm.
What is different about your approach to traditional Web2 security solutions?
Our approach integrates users into the learning pipeline rather than users being a discrete entity. They are incentivized to engage and thus improve ThreatSlayer's detection of the ever-evolving landscape of malicious actors.
Download ThreatSlayer and stay tuned for more on how it’s using the latest AI advancements to make sure you don’t get played by bad actors and social engineering. You can also jump into more in-depth looks we’ve taken at some Web3 attacks and scams: