7 Ways Cybercriminals Are Scamming a Fortune from Cryptocurrencies
Cryptocurrencies, how do hackers love thee? Let us count the ways.
June 18, 2018
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt1cd043657d32d92a/64f0d6d52263b39d48ad223d/01-cryptocurrency.jpeg?width=700&auto=webp&quality=80&disable=upscale)
With the cryptocurrency market bonanza in full swing, unscrupulous cybercriminals are cooking up new scams and hacks by the hour, all with the goal of reaping the ill-gotten rewards from investors, cryptocurrency exchanges, and legitimate coin miners across the internet.
According to most experts, 2018 is reaching a fever pitch of criminal activity around all things blockchain and cryptocoin. In fact, one estimate by CryptoAware states that the criminal activity only halfway through 2018 makes up more than half of all criminal cryptocurrency incidents in the past seven years. So far this year, publicly disclosed losses are stacking up to nearly $1.7B, according to figures compiled by that company.
Some cybersecurity experts believe the feeding frenzy is so frantic that it’s potentially distracting the bad guys from more traditional forms of cybercriminal data theft. For example, according to Risk Based Security's Q1 2018 Data Breach Trends report, this year's first quarter was the quietest in six years. Its researchers offer several theories on why, and one of them has to do with crypto criminality.
"We think the shift toward cryptomining is possibly easing some of the attention on data theft," says Inga Goddijn, executive vice president for Risk Based Security. "It's still too early to say for sure, but it does go to show: Malicious activity will follow the best opportunities for making a profit."
The following are some of the most common ways that the crooks are hacking and scamming their way into riches off the cryptocurrency bubble.
South Korean crypto exchange Coinrail is just the latest in a laundry list of cryptocoin exchanges getting hit this year with hacks, which are resulting in tens or even hundreds of millions of dollars in losses. Coinrail's loss was about $37 million, but more dramatic incidents like the one at Coincheck added up to over $500 million in stolen currency.
Since late last year, security researchers have been following an uptick in criminal scanning for insecure crypto wallets on the Internet.
"It is important to have a basic understanding of how crypto transactions work to protect assets. It might help to imagine your crypto wallet as a safety deposit box that exists in a room with everyone else's deposit boxes," explains James Lerud, head of the Behavioral Research Team at Verodin. "It is a public room where anyone can put an asset into your safety deposit box so long as they know where it is. The only way to take money out of the box is to have a key. How you store that key, or who you trust to store that key for you, is the most important decision an investor can make to safeguard the assets within the deposit box."
The methods of wallet pickpocketing continue to get creative, but they often follow some tried-and-true cybercriminal playbooks. For example, in April, Zscaler reported a surge in a remote access Trojan (RAT) called njRAT that was used not only as a ransomware tool, but also as a Bitcoin wallet stealer. Another piece of malware called ComboJack, first identified by Palo Alto Networks researchers, stole crypto wallet addresses from owners' clipboards, as many of them copy and paste them during transactions because of the long length of the addresses.
Attackers are also on the hunt to scam legitimate miners of cryptocurrency by seeking out vulnerabilities in the software or hardware running on mining rigs. One example of this was an attack campaign found by Bitdefender targeting EthOS, an operating system designed for Ethereum mining. The attack scanned for open SSH connections to EthOS, seeking to change default login credentials and take over these rigs and the coins stored within them.
Most recently, a report from security firm Qihoo 360 Netlab shows that hackers have managed to steal $20 million from both coin-mining equipment and individuals' wallets by scanning for exposed RPC interfaces on port 8545. This interface is for API access to Ethereum-based services; when insecurely configured, it opens up legitimate miners to complete liquidation by the bad guys.
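For operators who want to check their own rigs for the misconfiguration described above, the following added example (not from the report or the original article) parses `ss -ltn` output and flags any listener on port 8545 that is bound beyond loopback. The sample output and the function names are constructed for illustration.

```python
import ipaddress

RPC_PORT = 8545  # port named in the article for the Ethereum RPC interface

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*
LISTEN  0       128     127.0.0.1:8545       0.0.0.0:*
LISTEN  0       128     0.0.0.0:8545         0.0.0.0:*
LISTEN  0       128     [::1]:8545           [::]:*
LISTEN  0       128     [::]:8545            [::]:*
LISTEN  0       128     192.168.1.20:8545    0.0.0.0:*
LISTEN  0       128     *:30303              *:*
"""

def classify_bind(host):
    """Return 'loopback', 'wildcard' or 'specific' for a listen address."""
    host = host.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %iface
    if host == "*":
        return "wildcard"
    addr = ipaddress.ip_address(host)
    if addr.is_loopback:
        return "loopback"
    return "wildcard" if addr.is_unspecified else "specific"

def exposed_rpc_listeners(ss_output, port=RPC_PORT):
    """List (address, kind) for sockets on `port` bound beyond loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skips the header row and blank lines
        host, _, listen_port = fields[3].rpartition(":")
        if listen_port != str(port):
            continue
        kind = classify_bind(host)
        if kind != "loopback":
            findings.append((host, kind))
    return findings

if __name__ == "__main__":
    for host, kind in exposed_rpc_listeners(SAMPLE_SS):
        print(f"port {RPC_PORT} listening on {host} ({kind} bind): "
              "restrict to loopback or firewall it")
```

A non-loopback bind is only reachable from the Internet if the network path allows it, so treat each finding as a prompt to review the node's bind address and firewall rules.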
Simply playing off of the excitement and interest in Bitcoin and other cryptocurrencies is offering cybercriminals a valuable lure for a range of malware scams. One particular favorite is convincing users to download fake wallet platforms that are actually delivering some form of malware onto their machines. For cryptocurrency owners, at best this malware delivers some kind of spyware or ransomware. At worst, it is being used to siphon off valuable crypto coins.
If there's one thing that veteran security pros will tell you, it is to never discount the power of phishing. This mantra holds true in the world of cryptocurrency, where scammers are phishing investors to devastating effect. For example, attackers managed to steal $4 million from various cryptocurrency investors by leading them to a phishing website that mimicked a site that generates "seeds," or 81-character strings used in the creation of crypto wallets. This ensured that users were creating wallets based on malicious seeds that could be accessed at will by thieves.
Meantime, another recent phishing campaign uncovered by RiskIQ targeted Ethereum owners by directing users to a MyEtherWallet phishing page that not only sought to steal their credentials, but which also ran a script into active web sessions designed to quietly execute bank transfers just after the scammers logged into users' cryptocurrency accounts.