SAAS Malware Used To Attack Crypto Wallets

Uploaded on 2022-01-24 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The availability of  of cheap and easy-to-use malware on Dark Web markets means that it has never been easier for cyber criminals to steal crypto currencies.  In most cases, industry observers focus on attacks against large organisations, hacks of crypto currency exchanges or ransomware attacks against critical infrastructure. 

Now, hackers are have begun to use this readily available malware to steal smaller amounts of crypto-currency from individual users. 

Crypto currency has been a popular target for cyber criminals, whether they are stealing it via crypto-currency exchanges or demanding it as an extortion payment in ransomware attacks. Now blockchain software experts at Chainalysis  are warning there has been a significant increase in cheap malware available and easy to use by hackers who want to steal crypto-currency from users, resulting in a significant increase of crypto currency theft. 

Crypto Currency & Malware 

The growing value and use of crypto currency means that criminals increasingly launch attacks that aim to steal the money from the digital wallets of individual users. 

Malware refers to malicious software that carries out harmful activity on a victim’s device, usually without their knowledge. This can be as simple as stealing information or money from victims, but can also be much more complex and grand in scale.  For instance, malware operators who have infected enough devices can use those devices as a botnet, having them work in concert to carry out distributed denial-of-service (DDOS) attacks, commit ad fraud, or send spam emails to spread the malware further. 

The vast majority of malware operators receive initial victim payments at private wallet addresses, though a few use addresses hosted by larger services. Of that smaller group, the majority use addresses hosted by exchanges, mostly high-risk exchanges that have low or no KYC (Know Your Customer) requirements.

Chainalysis states that crypto currency users are under threat from malware like information steals, clippers, and trojans. Malware clippers allow attackers to replace text that the user has copied. All of these types of malware are available on dark web sites for relatively small amounts of money. For example, one information stealer called Redline is advertised on Russian cyber crime forums for $150 a month. 

For most cyber criminals seeking to steal crypto currency, it is likely that they will make the money they paid for the malware back within the span of a few attacks. Chainalysis say that the cheap access to malware families such as Redline means that even low-skilled cyber criminals can use them to steal crypto currency from unassuming targets. For crypto users, the threat continues to grow.

Heimdal Security:     Oodaloop:      Chainalysis:      ZDNet:     FuntiTech

You Might Also Read: 

Ransomware And Its Criminal Use:

 

« Red Cross Hacked - Half A Million Victims At Risk
Making Open-Source Software Safer »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LogmeOnce

LogmeOnce

LogmeOnce provides users with solution to multiple Password problems, Single Sign-On (SSO), and Identity Management.

Infiltrate

Infiltrate

INFILTRATE is a deep technical conference that focuses entirely on offensive security issues.

HSB

HSB

HSB offers insurance for equipment breakdown, cyber risk, data breach, identity recovery & employment practices liability.

Electric Power Research Institute (EPRI)

Electric Power Research Institute (EPRI)

The Electric Power Research Institute’s Cyber Security Research Laboratory (CSRL) addresses the security issues of critical functions of electric utilities.

Newberry Group

Newberry Group

The Newberry Group provides comprehensive IT services and solutions that optimize operations, minimize risk and deliver measurable business value.

Visible Statement

Visible Statement

Visible Statement is a computer-based delivery system designed to insure the retention and recall of your most important security training messages.

QuoIntelligence

QuoIntelligence

QuoIntelligence experts can help your team understand the evolving cyber threats and provide simple yet comprehensive recommendations so you can focus on what matters.

GitProtect.io

GitProtect.io

​GitProtect is a fully manageable, professional GitHub and Bitbucket backup and recovery software that protects repositories and metadata from any event of failure.

Xopero Software

Xopero Software

Xopero Software develops a comprehensive range of professional tools for protecting and restoring critical business data.

TheGreenBow

TheGreenBow

TheGreenBow is a trusted VPN software company. We help organizations and individuals become cyber-responsible. For this, we design and develop reliable and easy-to-use solutions.

Iconium Software

Iconium Software

DataLenz by Iconium offers continuous and real-time tracking of your data assets delivering you the tools you need to successfully reach and maintain your target security standards.

Datapac

Datapac

Datapac is one of Ireland’s largest and most successful ICT solutions and services providers. We have been at the forefront of technology innovation in Ireland for the past three decades.

Vault Cloud

Vault Cloud

Vault Cloud, Australia's National Cloud, is an Australian owned and operated company specialising in secure, sovereign, hyperscale cloud infrastructure.

Merlin Ventures

Merlin Ventures

Merlin Ventures is a strategic investor focused on driving growth and value for cybersecurity software companies with market-leading potential.

Mitigata

Mitigata

Welcome to Mitigata, your premier partner in cybersecurity insurance, defence, compliance, and consultancy.

Minsait Cyber

Minsait Cyber

Minsait Cyber (formerly SIA Group) is the Indra Group's cybersecurity company, a leader in Spain and Portugal in terms of both revenue and expert talent, with more than 2,000 specialists.