A rise in cheap, easy-to-use malware means it's easier than ever for cybercriminals to steal cryptocurrency.
Cryptocurrency has long been a popular target for organized cybercriminals, whether they steal it directly from cryptocurrency exchanges, or demanding it as an extortion payment in ransomware attacks.
But the growing value of cryptocurrency means that it has quickly become a key target for cybercriminals and they are launching more and more attacks aimed at steal cryptocurrencies from the wallets of individual users.
Investigate by Chainalysis warns that cryptocurrency users are increasingly threatened by malware, including data stealers, clippers, which allow attackers to replace text the user has copied, redirecting cryptocurrency to their own wallets, and trojans, all of which can be purchased for what is described as "relatively little money" on cybercriminal forums.
For example, a form of info-stealer malware called Redline is advertised on Russian cybercrime forums at $150 for a month's subscription or $800 for "lifetime" access. For a cybercriminal looking to steal cryptocurrency, it is unfortunately very likely that they will recover the money paid for the malware with a handful of attacks.
The illicit service also provides users with a tool that allows attackers to encrypt malware to make it more difficult for antivirus software to detect, increasing the likelihood that attacks will steal cryptocurrency from compromised victims.
"The proliferation of cheap access to malware families like Redline means that even relatively unskilled cybercriminals can use them to steal cryptocurrency," the report warns.
Overall, the malware families in the report received 5,974 victim transfers in 2021, down from 5,449 in 2020, though that's significantly less than 2019, when there were more than 7,000 transfers.
SEE: A winning strategy for cybersecurity (ZDNet special report)
But Redline is just one example of malware designed to steal cryptocurrency, and there is a growing market in this space.
Of the incidents tracked, Crypobot, an information thief, was the most prolific theft of cryptocurrency wallets and account credentials, stealing nearly half a million dollars worth of cryptocurrency in 2021.
In addition to this, success in stealing cryptocurrency from users could easily push more ambitious cybercriminals into targeted organizations and even cryptocurrency exchanges, which means that the threat of cybercriminals targeting crypto wallets and Credentials is something organizations need to consider.
"The cybersecurity industry has been dealing with malware for years, but the use of these malicious programs to steal cryptocurrencies means that cybersecurity teams need new tools in their toolbox," says the blog post.
โSimilarly, crypto enforcement teams that are already well-versed in blockchain analytics need to educate themselves on malware to ensure these threat actors do not take advantage of their platforms to launder stolen crypto,โ he said. .
MORE ABOUT CYBERSECURITY
