Phishing means luring the victim onto a false website that mimics the website where the customer wants to log in. While trying to log in, the user provides the attacker with his credentials. By relaying between the false and the legitimate login pages, attackers can also get past 2-factor authentication.

Centrabit's webpage has no login or registration forms. All sensitive user communication is integrated inside Centrabit Trader, the desktop app.

Centrabit Trader is closed-source and communicates with its servers via encrypted, unpublished protocols.

Malicious plugins

Any platform that communicates via a web browser is exposed to malicious browser extensions or plugins.

Since there are no login or registration forms on this website, a malicious plugin cannot get an attacker any nearer to a user account.

Session hijacking

In session hijacking, the attacker exploits a valid session to gain unauthorized access to information or services in a computer system. This is common on websites where sessions are managed insecurely. Sessions between Centrabit Trader and exchanges are handled securely.

False download page

The remaining attack vector would be to mimic the download page of this website. The false website would provide the user with a false version of Centrabit Trader, displaying deposit instructions to the attacker's own wallets and accounts.

To succeed, this attack requires the user to download an app from the wrong website. It also requires him to install an unsigned app, ignoring warnings from his operating system.