6/18/2018
11:10 AM

7 Ways Cybercriminals Are Scamming a Fortune from Cryptocurrencies

Cryptocurrencies, how do hackers love thee? Let us count the ways.
4 of 8

Wallet Stealers
Since late last year, security researchers have been following an uptick in criminal scanning for insecure crypto wallets on the Internet.
"It is important to have a basic understanding of how crypto transactions work to protect assets. It might help to imagine your crypto wallet as a safety deposit box that exists in a room with everyone else's deposit boxes," explains James Lerud, head of the Behavioral Research Team at Verodin. "It is a public room where anyone can put an asset into your safety deposit box so long as they know where it is. The only way to take money out of the box is to have a key. How you store that key, or who you trust to store that key for you, is the most important decision an investor can make to safeguard the assets within the deposit box."
The methods of wallet pickpocketing continue to get creative, but they often follow some tried-and-true cybercriminal playbooks. For example, in April, Zscaler reported a surge in a remote access Trojan (RAT) called njRAT that was used not only as a ransomware tool, but also as a Bitcoin wallet stealer. Another piece of malware called ComboJack, first identified by Palo Alto Networks researchers, stole crypto wallet addresses from owners' clipboards, as many owners copy and paste the addresses during transactions because of their length.
Image Source: Adobe Stock (davidevison)
