Cryptocurrency Malware Theft Is Worth Millions

Uploaded on 2018-06-19 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The Dark Web is associated with the illegal trade in malware and malicious hacking tools, a market which has now turned towards lucrative cryptocurrency theft.  Cryptocurrency, including Bitcoin (BTC), Ethereum (ETH), and Monero (XMR), has grown popular have boomed over the last few years. 

The market is no longer just a way to trade virtual assets in a decentralised, somewhat anonymous fashion. Instead, startups have emerged which focus solely on cryptocurrency and the blockchain, well-known brands are launching Initial Coin Offerings (ICOs), and the crypto-currency market has become a speculative way for investors to make serious money.

However, with popularity rising, so does the interest from criminals, and this has created a new industry in the world of hacking tools and software.

According to Carbon Black's latest research report, on Cryptocurrency on the Dark Web, the market for malware and tools designed specifically for the theft of crypto-currency is growing apace. The researchers estimate that over the past six months alone, a total of $1.1 billion has been stolen in cryptocurrency-related thefts, and approximately 12,000 marketplaces in the underbelly of the Internet are fueling this trend.

In total, there are roughly 34,000 products and services on sale that are related to cryptocurrency theft, ranging from just over a dollar in price to $224, with an average cost of around $10.

"The available dark web marketplaces represent a $6.7 million illicit economy built from crypto-currency-related malware development and sales," the researchers say.

Cryptocurrency-stealing malware, such as crypto-jackers GhostMiner and Loapi, appear to be the tools of choice for cybercriminals seeking to cash in on the craze for virtual coins.

Carbon Black claims that cryptocurrency exchanges are the most vulnerable targets for cyber-criminals, with close to a third, 27 percent, of attacks directed at these trading posts. In total, close to 21 percent of attacks target businesses directly, while seven percent are aimed at governments.

In February 2018,a cryptojacking scheme compromised the UK and Australian government websites, siphoning visitor PC power in order to mine for Monero. In total, roughly 4,000 domains were affected, and a legitimate third-party plugin installed to assist visitors with visual impairments was at fault after being compromised at the source.

The bulk of cryptocurrencytheft offerings are based on Bitcoin, likely due to the virtual currency's popularity and the promise of high returns.

However, 44 percent of attacks now relate to Monero, likely due to crypto-jacking rather than outright wallet compromise. An estimated 11 percent of attacks involve Ethereum. Traders do not want to be paid in Bitcoin themselves due to high transaction fees associated with the crypto-currency and the length of time it can take to process a payment. Instead, Monero is the crypto-currency of choice due to comparably low fees, privacy, and non-traceability.

"Our analysis of the marketplace suggests cryptocurrency-related malware listings are designed to cater to unskilled cyber actors, or those looking to make a quick buck from highly vulnerable victims," Carbon Black says. 

"The listings are riddled with phrases that emphasise the sheer simplicity in using these tools. The phrases are not something we typically expect to see in offerings geared toward sophisticated actors."

ZDNet

You Might Also Read:

Criminal Web-Injects Can Steal Cryptocurrency:

Crypto-Mining Is A Growing Epidemic:
 

 

« Profile Of An Ethical Bug Hunter
How Computer Data Helped Investigate Quebec Shooter »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

AvePoint

AvePoint

AvePoint is an established leader in enterprise-class data management, governance, and compliance software solutions.

Maryville Online - Cybersecurity Program

Maryville Online - Cybersecurity Program

The Cybersecurity Program at Maryville Online is designed to help students reach opportunities in cybersecurity leadership and management through an entirely online curriculum.

Usenix

Usenix

Usenix brings together the community of engineers, system administrators, scientists, and technicians working on the cutting edge of computing.

Cyber Risk Agency

Cyber Risk Agency

Cyber Risk Agency is a cybersecurity consulting firm specializing in managing cyber risks for SMEs.

BlueID

BlueID

BlueID is an IDaaS technology product which enables your objects to securely connect and interact with your users’ smart phones and smart watches.

Cloudmark

Cloudmark

Cloudmark is a trusted leader in intelligent threat protection against known and future attacks, safeguarding 12 percent of the world’s inboxes from wide-scale and targeted email threats.

Cyberens

Cyberens

Cyberens provide cybersecurity consulting services in IT sectors relating to defense and space, banking, industrial control systems and IoT.

Search Guard

Search Guard

Search Guard® is an Open Source security suite for #Elasticsearch and the entire #ELK stack that offers encryption, authentication, authorization, audit logging and multi tenancy.

Scanmeter

Scanmeter

Scanmeter helps identifying vulnerabilities in software and systems before they can be exploited by an attacker.

Progress Partners

Progress Partners

Progress Partners is a corporate advisory firm that works with buyers and sellers of emerging growth companies to complete M&A or private placement transactions. Our sectors include cybersecurity.

Lucidum

Lucidum

The Lucidum platform helps you assess risk and mitigate vulnerabilities by finding and correlating data from your security tech stack.

Gem Security

Gem Security

Gem is on a mission to help security operations evolve into the cloud era, and stop cloud threats before they become incidents.

TetherView

TetherView

TetherView provides leading virtual desktop and email security technology to help businesses stand up and manage digital workspaces.

Geobridge

Geobridge

Geobridge was one of the first information security solutions providers to support cryptography and payment applications for payment processors, financial institutions and retail organizations.

Dedagroup (Deda)

Dedagroup (Deda)

Dedagroup provide application solutions and IT services to bring innovation at the core of business processes.

DevOcean

DevOcean

DevOcean, the leader in Cybersecurity Exposure Remediation, helps organizations cut through the chaos by automatically consolidating, prioritizing, and streamlining fixes.