Participants at cryptocurrency conferences often neglect basic security measures, making them easy targets for malicious actors, warned Kraken’s Chief Security Officer Nick Percoco.
The expert noted that he frequently observes unlocked laptops and unattended phones belonging to representatives of well-known crypto projects at industry events. Meanwhile, wallet notifications continue to appear on device screens in real time.
“If you work with cryptocurrency, your digital device is not just a phone or laptop. It is a repository for you, your assets, and your employer’s operational activities,” stated Percoco.
He strongly recommended always keeping devices with you and locking them when not in use.
Percoco also reminded of a fundamental principle of cryptocurrencies:
“Cryptocurrencies inherently offer the ability to be your own bank. It is incredibly difficult to achieve the promised financial freedom if your personal and operational security are not a priority.”
According to him, fraudsters actively attend events, creating fictitious personas and registering under false names. Among their favorite methods are “juice jacking,” where malware is installed through public USB charging stations, as well as compromising or spoofing Wi-Fi networks.
“There are many technically savvy people at crypto events, including hackers. It only takes one malicious actor to exploit an unsecured connection,” Percoco emphasized.
QR codes also pose a potential threat. Although Percoco has not encountered such cases in practice, attackers could replace a legitimate code with a fake one leading to a phishing site.
To mitigate risks, the Kraken representative advises using a separate “expendable” wallet with a limited amount of funds at conferences.
The exchange’s security team also noted that some participants openly discuss their cryptocurrency earnings and carelessly display personal information—such as wearing badges with names and company titles far beyond the conference area.
Such carelessness is particularly dangerous amid the rise in physical thefts of digital assets, as well as kidnappings and extortion targeting members of the crypto community. CTO Casa Jameson Lopp maintains a list of offline robberies on GitHub. This year, he has already recorded 29 such incidents worldwide.
In May, arrests were made in three countries related to bitcoin extortion.
Earlier, ForkLog examined cases of offline crimes and security measures recommended to entrepreneurs.