Cryptocurrency Malware Theft Is Worth Millions

Uploaded on 2018-06-19 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Financial

The Dark Web is associated with the illegal trade in malware and malicious hacking tools, a market which has now turned towards lucrative cryptocurrency theft.  Cryptocurrency, including Bitcoin (BTC), Ethereum (ETH), and Monero (XMR), has grown popular have boomed over the last few years. 

The market is no longer just a way to trade virtual assets in a decentralised, somewhat anonymous fashion. Instead, startups have emerged which focus solely on cryptocurrency and the blockchain, well-known brands are launching Initial Coin Offerings (ICOs), and the crypto-currency market has become a speculative way for investors to make serious money.

However, with popularity rising, so does the interest from criminals, and this has created a new industry in the world of hacking tools and software.

According to Carbon Black's latest research report, on Cryptocurrency on the Dark Web, the market for malware and tools designed specifically for the theft of crypto-currency is growing apace. The researchers estimate that over the past six months alone, a total of $1.1 billion has been stolen in cryptocurrency-related thefts, and approximately 12,000 marketplaces in the underbelly of the Internet are fueling this trend.

In total, there are roughly 34,000 products and services on sale that are related to cryptocurrency theft, ranging from just over a dollar in price to $224, with an average cost of around $10.

"The available dark web marketplaces represent a $6.7 million illicit economy built from crypto-currency-related malware development and sales," the researchers say.

Cryptocurrency-stealing malware, such as crypto-jackers GhostMiner and Loapi, appear to be the tools of choice for cybercriminals seeking to cash in on the craze for virtual coins.

Carbon Black claims that cryptocurrency exchanges are the most vulnerable targets for cyber-criminals, with close to a third, 27 percent, of attacks directed at these trading posts. In total, close to 21 percent of attacks target businesses directly, while seven percent are aimed at governments.

In February 2018,a cryptojacking scheme compromised the UK and Australian government websites, siphoning visitor PC power in order to mine for Monero. In total, roughly 4,000 domains were affected, and a legitimate third-party plugin installed to assist visitors with visual impairments was at fault after being compromised at the source.

The bulk of cryptocurrencytheft offerings are based on Bitcoin, likely due to the virtual currency's popularity and the promise of high returns.

However, 44 percent of attacks now relate to Monero, likely due to crypto-jacking rather than outright wallet compromise. An estimated 11 percent of attacks involve Ethereum. Traders do not want to be paid in Bitcoin themselves due to high transaction fees associated with the crypto-currency and the length of time it can take to process a payment. Instead, Monero is the crypto-currency of choice due to comparably low fees, privacy, and non-traceability.

"Our analysis of the marketplace suggests cryptocurrency-related malware listings are designed to cater to unskilled cyber actors, or those looking to make a quick buck from highly vulnerable victims," Carbon Black says. 

"The listings are riddled with phrases that emphasise the sheer simplicity in using these tools. The phrases are not something we typically expect to see in offerings geared toward sophisticated actors."

ZDNet

You Might Also Read:

Criminal Web-Injects Can Steal Cryptocurrency:

Crypto-Mining Is A Growing Epidemic:
 

 

« Profile Of An Ethical Bug Hunter
How Computer Data Helped Investigate Quebec Shooter »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ASIS International

ASIS International

ASIS International is a global community of security practitioners with a role in the protection of assets - people, property, and/or information.

Zertificon Solutions

Zertificon Solutions

Zertificon is a leader in professional email encryption and data security.

IntelliGO Networks

IntelliGO Networks

IntelliGO Networks is a cybersecurity company focused on Managed Detection and Response (MDR).

Rhebo

Rhebo

Rhebo Industrial Protector monitors and ensures the continuous, correct, and predictable operation of real-time Industrial Control Systems to prevent outages and reduce downtimes.

California Cybersecurity Institute (CCI) - Cal poly

California Cybersecurity Institute (CCI) - Cal poly

The CCI provides a hands-on research and learning environment to explore new cyber technologies and train and test tactics alongside law enforcement and cyberforensics experts.

LaoCERT

LaoCERT

LaoCERT is the national Computer Incident Response Team for Laos.

MedCrypt

MedCrypt

MedCrypt are a team of medical device experts focused on bringing modern cybersecurity features to the next generation of healthcare technology.

FraudHunt

FraudHunt

FraudHunt protects your website from account fraud, ad fraud, fraud clicks, and malicious bots.

Recruit.net

Recruit.net

Recruit.net allows job seekers to instantly find millions of jobs from thousands of web sites with a single search.

Blue Hexagon

Blue Hexagon

Blue Hexagon is a deep learning innovator focused on protecting organizations from cyberthreats.

Ridge Global

Ridge Global

Ridge Global works with C-suite executives and corporate directors to build more resilient organizations through innovative preparedness, protection, response and education capabilities.

InfoSystems Inc

InfoSystems Inc

InfoSystems provides reliable IT solutions to build and maintain strong and secure systems for both SMB and enterprise organizations.

Resilience Cyber insurance

Resilience Cyber insurance

Resilience helps to improve cyber resilience by connecting cyber insurance coverage with advanced cybersecurity visibility and a shared plan to reinforce great cyber hygiene.

TempoCap

TempoCap

TempoCap is a European growth-stage technology fund with offices in London and Berlin. We invest across a variety of high- growth sectors including cybersecurity.

Highen Fintech

Highen Fintech

Highen is a blockchain software development company with offices in the United States and development centers in India.

Ofcom

Ofcom

Ofcom is the UK's communications regulator. We regulate the TV, radio and video on demand sectors, fixed line telecoms, mobiles, postal services, plus the airwaves over which wireless devices operate.