Recently, researchers have disclosed that hackers are obsessed with Cryptocurrency attacks. Read on to know more…
Attacks on cryptocurrency applications and platforms where transactions are conducted using crypto tokens, are spreading like wildfire. Recently, admins of Empire Market, the world’s biggest dark web marketplace that allegedly suffered a massive DDoS attack on August 23, could have exited the market and pocketed $30 million in cryptocurrency for themselves. Cryptocurrency theft is growing both in terms of frequency of attacks and breadth of targets.
Recent Attack
Recently, the researchers have revealed that the cryptocurrency based attacks have made headlines. Researchers at Abnormal Security have uncovered a phishing campaign targeting clients of the Bitcoin Era trading platform. The criminals were spotted sending emails purporting to be from BTC Era, encouraging users to pay for what they would see as an investment. Fraudsters would then ask for a minimum deposit of $250 to get started with trading on the platform. Attackers leveraged Constant Contact, an email marketing provider, to deliver the attack into the inbox of multiple recipients at one go.
Working Mechanism
An automated email arrives addressed in the recipient’s name offering them to make a BTC transaction after making a minimum deposit of $250. The mail contains a malicious URL with the text “create an account.” Clicking on it redirects users on the theverifycheck[.]com webpage. The landing page displays a pop-up alert request permission to show notifications from the website. If a user gives permission, Adware starts running on their device. The infected website will also monitor the user’s behavior to launch targeted ads and spam through malware.
Past Cryptocurrency Threats
A few weeks ago, a mysterious threat actor added 380 malicious servers to the Tor network to perform SSL stripping attacks on users accessing cryptocurrency-related sites via the Tor Browser. Meanwhile, a multi-modular Prometei botnet campaign — active since March 2020 — was seen mining the Monero cryptocurrency. Till the time of reporting, it was generating $1,250 per month on average.
In early August, hackers broke into the cryptocurrency trading platform, 2gether, and stole nearly $1.4 million in crypto funds stored in investment accounts. Last month, thieves swindled over $3 million in Bitcoin from Cashaa by breaking into one of the exchanges’ digital wallets.
In late June, the security firm ClearSky Cyber Security reported that a hacking group dubbed CryptoCore has stolen more than $200 million in virtual currency from several cryptocurrency exchanges across the world over the past two years. The CryptoCore gang has used spear-phishing emails and social engineering techniques to target employees and executives at cryptocurrency exchanges, mainly in the U.S. and Japan, according to the ClearSky analysis.
In mid-August, the U.S. Justice Department seized 300 cryptocurrency accounts, four websites, and four Facebook pages, as well as $2 million in cryptocurrency assets linked to ISIS, al Qaeda, and the al Qassam Brigades. A few days later, Ukraine authorities busted a cybercrime gang that ran 20 cryptocurrency exchanges and laundered more than $42 million to help other criminal groups.
A Brief Conclusion
With rampant ransomware attacks, security experts advise organizations and individuals to stay informed on emerging threats and techniques. Meanwhile, cyber teams must know how to quantify and prioritize crucial threats, and identify emerging threats actors.