As predicted, the rise of cryptocurrency valuation has captured the attention of cybercriminals. New hacks, thefts, misuse, and fraud schemes are on the rise. Where there is value, there will be a proportional risk of theft.
Criminals always pursue and exploit systems where they can achieve personal financial gain. It is the Willie Sutton effect: “That’s where the money is”.
This month we have seen a number of different cryptocurrency related malicious activities targeting customers and companies. Unsuspecting people’s computers and phones have been hijacked by attackers to mine cryptocoins, malware that targets crypto-keys is on the rise, fake Bitcoin wallet apps are appearing in App Stores, and a Bitcoin exchange was permanently shut down due to multiple hacks.
The creativity and persistence of cybercriminals is impressive and only likely to increase over time.
Greedy North Korean Hackers Targeting Cryptocurrencies and Point-of-Sale Terminals
News Link: https://thehackernews.com/2017/12/lazarus-hacking-bitcoin.html
Comment: What is believed to be nation-state malware, is installing a Remote Access Trojan (RAT) that enables the theft of cryptocurrency credentials of users and exchanges. Whomever is behind this malware is interested, among other things, harvesting valuable digital currency. Financial gain is a tremendous motivation for so many different cyber threats, potentially even nation run cyber-criminal programs!
Hackers Targeting Servers Running Database Services for Mining Cryptocurrency
News Link: https://thehackernews.com/2017/12/chinese-hacking-databases.html
Comment: Sophisticated hackers are also targeting beefy database servers to harvest data, install cryptocoin mining software, Remote Access Trojans (RAT), botnet control functions, and likely to use them as a launching pad to propagate attacks against systems connecting to the database.
Starbucks Wi-Fi hijacked customers’ laptops to mine cryptocoins
Comment: Want crypto-coin stealing malware with your coffee? Another free-WiFi risk to add to the bonfire. CoinHive, a JavaScript miner, infected users at a Starbucks to use customer’s laptops to mine cryptocoin for the attackers.
Cryptocurrency Mining Scripts Now Run Even After You Close Your Browser
News Link: https://thehackernews.com/2017/11/cryptocurrency-mining-javascript.html
Comment: Websites can harvest the power of visitor’s systems to mine for cryptocurrency. Working through the web browsers, JavaScript code running the background can tap into PC resources to use CPU cycles to mine for crypto coins. This can happen openly or covertly. Some sites are using this to supplement regular advertising. Some sites are being hacked and inadvertently supporting cybercriminals. One disturbing advancement is that the process can continue to run in the background even after navigating away from the site or closing the browser window.
Bitcoin Exchange Shuts Down After Getting Hacked a Second Time This Year
Comment: Cybersec Lesson #42: If you can't protect your digital assets from cyber-threats, it can cost you the business. This cryptocurrency exchange is filing bankruptcy and closing. It cites the two hacks which drained significant assets as the cause.
Massive Brute-Force Attack Infects WordPress Sites with Monero Miners
Comment: The WordPress community has been a favorite target of hackers for some time. The latest attack involves hackers using brute-force techniques to gain administrative access to websites then installing crypto mining malware. This has turned a profit for the criminals to the tune of more than $100 thousand dollars. With that type of reward, don’t expect this tactic to end anytime soon.
Beware of Cryptocurrency Mining Virus Spreading Through Facebook Messenger
News Link: https://thehackernews.com/2017/12/cryptocurrency-hack-facebook.html
Comment: Beware, a new cryptocurrency mining-bot is making the rounds through Facebook Messenger. The malware allows attackers to siphon CPU cycles from the victim as part of a cryptocoin mining scheme. As a bonus, it then hijacks their Facebook account to send itself to the victims’ friends.
Google Removes Three Fake Bitcoin Wallet Apps From Google Play
News Link: http://www.eweek.com/security/google-removes-three-fake-bitcoin-wallet-apps-from-google-play
Comment: We will see more of these c. App Stores need to pay extra care in vetting crypto wallet apps. Much thanks to the Lookout security team for spotting these and Google for quickly removing them from the App Store.
Image Sources:
- https://thehackernews.com/2017/12/lazarus-hacking-bitcoin.html
- https://thehackernews.com/2017/12/chinese-hacking-databases.html
- https://nakedsecurity.sophos.com/2017/12/14/starbucks-wi-fi-hijacked-customers-laptops-to-mine-cryptocurrency/
- https://thehackernews.com/2017/11/cryptocurrency-mining-javascript.html
- https://www.bleepingcomputer.com/news/security/bitcoin-exchange-shuts-down-after-getting-hacked-a-second-time-this-year/
- https://www.bleepingcomputer.com/news/security/massive-brute-force-attack-infects-wordpress-sites-with-monero-miners/
- http://blog.trendmicro.com/trendlabs-security-intelligence/digmine-cryptocurrency-miner-spreading-via-facebook-messenger/
- http://www.eweek.com/security/google-removes-three-fake-bitcoin-wallet-apps-from-google-play
Interested in more? Follow me on your favorite social sites for insights and what is going on in cybersecurity: LinkedIn, Twitter (@Matt_Rosenquist), YouTube, Information Security Strategy blog, Medium, and Steemit
I see this getting so much worse as Bitcoin/crypto grows. Its where the money is! How can we outsmart these hackers?
It will get worse before it gets better. The good news is that the cryptocurrency and blockchain communities are brilliant and will respond quickly to attacks. The problem is that the attackers are equally creative and motivated to do harm. It is a constant battle.
I guess it's true that where there's value, there's theft risk, as you said. also, love the format!!
I don't think North Korea can change much without there knowledge of the world out side of North Korea.
Greed fuels these criminal attacks. I suppose we should be flattered, but I am not. With all the benefits of blockchain and crypto, criminals continue to find ways to victimize others. We are just at the beginning.
Greed Principle: "if someone can steal $10 from you today, they will attempt to steal $15 from you tomorrow"
One of the main issues cybercriminals had is to clean the money, cryptocurrency is like paradise because there is not trace or identity related.
Thanks for sharing
Good point. Easy to move and mix cryptocurrency.
Everywhere where are virtual or hard values there are also criminals. Effective methods to defend are existing but they are different and you should know them. 😎
Criminals can be creative and persistent. Which is probably why crime continues to exist everywhere.
It's sad that people are taking advantage of this bitcoin trend. In our country, there are multiple scams that use bitcoin as bait.
I fear it will just get worse. At prices rise, the rewards that attackers gain will fuel them to press even harder to find new and creative ways.
It's only a matter of time until the shit really hits the fan. I can see hackers starting to improve their methods and the existing methods becoming more widespread as the crypto economy surges.
Good post.
Their greed will only increase as the value of crypto gets higher.
They will be able to scale better, which will draw even more people to start fraudulent activities.
We always need to take the times to learn and get informed about security and take some precautions. Also, not to click any suspicious links.
Good advice!