A Redditor by the name reneveyj warned fellow XRP ledger users of a possible phishing attack on their accounts. Through a well-orchestrated plan, the XRPL users would become the victims of the attackers without their knowledge.
The Laid out Plan
According to the post on Reddit, the attackers sent a message to the XRPL account holders reading;
“NETWORK ANNOUNCEMENT: Ripple unlocks 50% stake in XRP, indicates massive airdrop www.claim***.com” (URL obfuscated for your security purpose).
The attackers altered certain URL links in such a way that, if you are not keen enough, definitely, you would fall into their trap. According to the post, the l on the ripple.com was changed to a special character that closely resembles the l in the legit URL link. The m in bithomp.com was also changed to an n.
In addition to that, the attackers went ahead to have the blog post on the airdrop professionally written to lure unsuspecting users on the legitimacy of the site. After a user opens the fake links, the attackers request for their private keys in order to be sent the airdrop.
Several XRP ledger users on the comment claimed to have received the memo from the hackers, however, they were fast to notice the difference in the redirected links from the original ones.
XRPL Security Measures
XRP ledger has been at the forefront in keeping the digital currency safe, secure and transparent in a way many other altcoins have not matched. Modern and updated security systems have been put in place to combat the cybersecurity threat from hackers.
Some of the notable measures include;
- On-Ledger Decentralized System: Its ledger system has been created in such a way that it has an independent accounting system that primarily sees XRP assets perform to the fullest. The tracking and trading system in the XRP ledger is not managed by the mother company Ripple, instead, it operates how the users want it to.
- Embedded Smart Contract Features: In order to protect XRP customers, the XRPL creators made sure features like smart contracts and Escrow are put in place. Smart contracts work by assisting the users to operate without the help of third parties. This reduces the risks involved in using middlemen channels where hackers spot weak-links to exploit.
- Reliable Consensus Algorithm: The XRP ledger system has an algorithm that performs requested transactions in 5 seconds, therefore, capable of processing up to 1500 transactions per second.
Although tight security measures are put in place to protect XRPL users from hackers’ attempts, it finally trickles down to the personal responsibility with the internet. Attackers will continue using different methods to compromise accounts and systems to their benefit.