News

6/18/2018
11:10 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail

7 Ways Cybercriminals Are Scamming a Fortune from Cryptocurrencies

Cryptocurrencies, how do hackers love thee? Let us count the ways.
4 of 8

Wallet Stealers
Since late last year, security researchers have been following an uptick in criminal scanning for insecure crypto wallets on the Internet. 
'It is important to have a basic understanding of how crypto transactions work to protect assets. It might help to imagine your crypto wallet as a safety deposit box that exists in a room with everyone else's deposit boxes,' explains James Lerud, head of the Behavioral Research Team at Verodin. 'It is a public room where anyone can put an asset into your safety deposit box so long as they know where it is. The only way to take money out of the box is to have a key. How you store that key, or who you trust to store that key for you, is the most important decision an investor can make to safeguard the assets within the deposit box.'
The methods of wallet pick pocketing continue to get creative, but they often follow some tried-and-true cybercriminal playbooks. For example, in April, Zscaler reported a surge in a remote access Trojan (RAT) called njRAT that was used not only as a ransomware tool, but also as a Bitcoing wallet stealer. Another piece of malware called ComboJack, first identified by Palo Alto Networks researchers, stole crypto wallet addresses from owners' clipboards, as many of them copy and paste them during transactions because of the long length of the addresses.
Image Source: Adobe Stock (davidevison)

Wallet Stealers

Since late last year, security researchers have been following an uptick in criminal scanning for insecure crypto wallets on the Internet.

"It is important to have a basic understanding of how crypto transactions work to protect assets. It might help to imagine your crypto wallet as a safety deposit box that exists in a room with everyone else's deposit boxes," explains James Lerud, head of the Behavioral Research Team at Verodin. "It is a public room where anyone can put an asset into your safety deposit box so long as they know where it is. The only way to take money out of the box is to have a key. How you store that key, or who you trust to store that key for you, is the most important decision an investor can make to safeguard the assets within the deposit box."

The methods of wallet pick pocketing continue to get creative, but they often follow some tried-and-true cybercriminal playbooks. For example, in April, Zscaler reported a surge in a remote access Trojan (RAT) called njRAT that was used not only as a ransomware tool, but also as a Bitcoing wallet stealer. Another piece of malware called ComboJack, first identified by Palo Alto Networks researchers, stole crypto wallet addresses from owners' clipboards, as many of them copy and paste them during transactions because of the long length of the addresses.

Image Source: Adobe Stock (davidevison)

4 of 8
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
What We Talk About When We Talk About Risk
Jack Jones, Chairman, FAIR Institute,  7/11/2018
Ticketmaster Breach Part of Massive Payment Card Hacking Campaign
Jai Vijayan, Freelance writer,  7/10/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14072
PUBLISHED: 2018-07-15
libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c.
CVE-2018-14073
PUBLISHED: 2018-07-15
libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.
CVE-2018-14068
PUBLISHED: 2018-07-15
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add.
CVE-2018-14069
PUBLISHED: 2018-07-15
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add.
CVE-2018-14066
PUBLISHED: 2018-07-15
The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READ_SMS permission can read SMS messages. This affects Infinix X571 phones, as well as various Lenovo p...