SAAS Malware Used To Attack Crypto Wallets

The availability of cheap and easy-to-use malware on Dark Web markets means that it has never been easier for cyber criminals to steal crypto currencies. In most cases, industry observers focus on attacks against large organisations, hacks of crypto currency exchanges or ransomware attacks against critical infrastructure.

Now, hackers have begun to use this readily available malware to steal smaller amounts of crypto-currency from individual users.

Crypto currency has been a popular target for cyber criminals, whether they are stealing it via crypto-currency exchanges or demanding it as an extortion payment in ransomware attacks. Now blockchain software experts at Chainalysis are warning that there has been a significant increase in cheap, easy-to-use malware available to hackers who want to steal crypto-currency from users, resulting in a significant increase in crypto currency theft.

Crypto Currency & Malware 

The growing value and use of crypto currency means that criminals increasingly launch attacks that aim to steal the money from the digital wallets of individual users. 

Malware refers to malicious software that carries out harmful activity on a victim’s device, usually without their knowledge. This can be as simple as stealing information or money from victims, but can also be much more complex and grand in scale. For instance, malware operators who have infected enough devices can use those devices as a botnet, having them work in concert to carry out distributed denial-of-service (DDoS) attacks, commit ad fraud, or send spam emails to spread the malware further.

The vast majority of malware operators receive initial victim payments at private wallet addresses, though a few use addresses hosted by larger services. Of that smaller group, the majority use addresses hosted by exchanges, mostly high-risk exchanges that have low or no KYC (Know Your Customer) requirements.

Chainalysis states that crypto currency users are under threat from malware such as information stealers, clippers, and trojans. Clipper malware allows attackers to replace text that the user has copied. All of these types of malware are available on dark web sites for relatively small amounts of money. For example, one information stealer called Redline is advertised on Russian cyber crime forums for $150 a month.
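As an added illustration of the clipper behaviour described above (not code from Chainalysis or the original article), this sketch flags clipboard changes in which one wallet-address-shaped string is replaced by a different one of the same kind within a couple of seconds. The address patterns, the 2-second threshold, the event format and all sample values are assumptions constructed for the example.

```python
import re

# Rough address shapes, assumed for this example; not exhaustive.
ADDRESS_PATTERNS = {
    "btc-legacy": re.compile(r"^[13][1-9A-HJ-NP-Za-km-z]{25,34}$"),
    "btc-bech32": re.compile(r"^bc1[02-9ac-hj-np-z]{11,71}$"),
    "eth": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

def classify_address(text):
    """Return the address kind the clipboard text looks like, or None."""
    candidate = text.strip()
    for kind, pattern in ADDRESS_PATTERNS.items():
        if pattern.match(candidate):
            return kind
    return None

def find_suspicious_swaps(events, max_gap_seconds=2.0):
    """Flag an address replaced by a different one of the same kind.

    events: (timestamp_seconds, new_clipboard_text) tuples, one per
    clipboard change, oldest first. A person rarely copies two different
    addresses of the same kind within max_gap_seconds (a heuristic).
    """
    alerts = []
    for (t_prev, prev), (t_cur, cur) in zip(events, events[1:]):
        kind = classify_address(prev)
        if (kind is not None
                and kind == classify_address(cur)
                and prev.strip() != cur.strip()
                and t_cur - t_prev <= max_gap_seconds):
            alerts.append({"time": t_cur, "kind": kind,
                           "copied": prev.strip(), "now": cur.strip()})
    return alerts

# Constructed clipboard-change log; the addresses are made up.
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "a1" * 20),  # user copies the payee address
    (10.3, "0x" + "b2" * 20),  # replaced 0.3 s later, no user action
    (60.0, "0x" + "c3" * 20),  # a later, deliberate copy: not flagged
]

if __name__ == "__main__":
    for alert in find_suspicious_swaps(SAMPLE_EVENTS):
        print("possible clipper swap:", alert)
```

The same comparison can be applied at send time: a wallet or payment form that re-checks the pasted address against the one the user originally copied catches the substitution before funds move.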

For most cyber criminals seeking to steal crypto currency, it is likely that they will make back the money they paid for the malware within the span of a few attacks. Chainalysis say that cheap access to malware families such as Redline means that even low-skilled cyber criminals can use them to steal crypto currency from unsuspecting targets. For crypto users, the threat continues to grow.

Heimdal Security | Oodaloop | Chainalysis | ZDNet | FuntiTech
