News

6/18/2018
11:10 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail

7 Ways Cybercriminals Are Scamming a Fortune from Cryptocurrencies

Cryptocurrencies, how do hackers love thee? Let us count the ways.
4 of 8

Wallet Stealers
Since late last year, security researchers have been following an uptick in criminal scanning for insecure crypto wallets on the Internet. 
'It is important to have a basic understanding of how crypto transactions work to protect assets. It might help to imagine your crypto wallet as a safety deposit box that exists in a room with everyone else's deposit boxes,' explains James Lerud, head of the Behavioral Research Team at Verodin. 'It is a public room where anyone can put an asset into your safety deposit box so long as they know where it is. The only way to take money out of the box is to have a key. How you store that key, or who you trust to store that key for you, is the most important decision an investor can make to safeguard the assets within the deposit box.'
The methods of wallet pick pocketing continue to get creative, but they often follow some tried-and-true cybercriminal playbooks. For example, in April, Zscaler reported a surge in a remote access Trojan (RAT) called njRAT that was used not only as a ransomware tool, but also as a Bitcoing wallet stealer. Another piece of malware called ComboJack, first identified by Palo Alto Networks researchers, stole crypto wallet addresses from owners' clipboards, as many of them copy and paste them during transactions because of the long length of the addresses.
Image Source: Adobe Stock (davidevison)

Wallet Stealers

Since late last year, security researchers have been following an uptick in criminal scanning for insecure crypto wallets on the Internet.

"It is important to have a basic understanding of how crypto transactions work to protect assets. It might help to imagine your crypto wallet as a safety deposit box that exists in a room with everyone else's deposit boxes," explains James Lerud, head of the Behavioral Research Team at Verodin. "It is a public room where anyone can put an asset into your safety deposit box so long as they know where it is. The only way to take money out of the box is to have a key. How you store that key, or who you trust to store that key for you, is the most important decision an investor can make to safeguard the assets within the deposit box."

The methods of wallet pick pocketing continue to get creative, but they often follow some tried-and-true cybercriminal playbooks. For example, in April, Zscaler reported a surge in a remote access Trojan (RAT) called njRAT that was used not only as a ransomware tool, but also as a Bitcoing wallet stealer. Another piece of malware called ComboJack, first identified by Palo Alto Networks researchers, stole crypto wallet addresses from owners' clipboards, as many of them copy and paste them during transactions because of the long length of the addresses.

Image Source: Adobe Stock (davidevison)

4 of 8
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
5 Reasons Why Threat Intelligence Doesn't Work
Jonathan Zhang, CEO/Founder of WhoisXML API and TIP,  11/7/2018
Why Password Management and Security Strategies Fall Short
Steve Zurier, Freelance Writer,  11/7/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19186
PUBLISHED: 2018-11-14
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter.
CVE-2018-19187
PUBLISHED: 2018-11-14
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement.
CVE-2018-19188
PUBLISHED: 2018-11-14
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fort_id parameter.
CVE-2018-19189
PUBLISHED: 2018-11-14
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in an error.php echo statement.
CVE-2018-19190
PUBLISHED: 2018-11-14
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php error_msg parameter.