Top 5 Crypto Crime Trends: Cryptojacking Malware, Botnets, Trojan Horses, Phishing and Sextortion
Cryptocurrency is no stranger to dubious tactics by those who are looking to cheat the system – and those who use it. Several digital security companies, such as Kaspersky Labs, have been trying to provide cryptocurrency users and services with the tools and resources they need to combat against the troublesome tactics. Here are just a few threats that the cryptocurrency community faces, according to Kaspersky Labs:
The Trojan Horse
Today’s Trojan Horse comes in digital form, yet it still has the same effect as those mentioned in Homer’s The Odyssey. This version came in the form of a digital threat called “Rakhni” that worked to steal cryptocurrency. This technology tends to evolve, which makes it more dubious for protective software and challenging for users. The horse first determines whether a user has bitcoin-related elements on their computer and if so, it will encrypt and demand that the user provide a ransom. If none exist, then it will take the users’ computing power to generate cryptocurrency.
Social Engineering And Phishing
This particular threat is targeted toward newbies. There have been over 100,000 attempts to redirect internet users to fake pages – especially on cryptocurrency exchanges. Once the target reaches those pages, they may divulge sensitive information that puts them in a poor position. According to Kaspersky, “Scammers also try to use the speculation around cryptocurrencies to trick people who don’t have a wallet: they lure them to fake crypto wallet sites, promising registration bonuses, including cryptocurrency. In some cases, they harvest personal data and redirect the victim to a legitimate site. In others, they open a real wallet for the victim, which is compromised from the outset.”
Crypto Mining Botnets
This threat is a network of computers that have been infected with malware and that can be remotely controlled. The botnets release malware onto one’s computer using spam or through a Distributed Denial-of-Service Attack. In addition, they’re also being used to mine crypto. Researchers determined that botnets have been spreading crypto mining malware – much of it this year. As the security platform explains, “[T]he fact [is] that attacks are multi-stage and growing in complexity. Increasingly, botnets are leased according to the needs of the customer, so in many cases its difficult to pinpoint the ‘specialization’ of the botnet.”
Sextortion comes in the form of a email and it is one of the most prominent scams. Here, scammers try to use stolen passwords to create that a computer has been compromised and the hacker then creates a digital video of the user watching pornography. The scammer then attempts to threaten the computer user with the video and demands cryptocurrency. As Kaspersky explains, “The scammer includes a legitimate password in the message, in a bid to convince the victim that they have indeed been compromised. It seems that the passwords used are real, although in some cases at least they are very old. The passwords were probably obtained in an underground market and came from an earlier data breach.”
Malware On Mac OS
Last, this system is fondly known by many as “Lazarus” that has been attacking businesses and financial entities. This threat has been able to get into various cryptocurrency exchanges, companies, banks, and the like and then trick users to download fake cryptocurrencies. According to Kaspersky, “It would seem that in the chase after advanced users, software developers from supply chains and some high-profile targets, threat actors are forced to develop Mac OS malware tools. The fact that the Lazarus group has expanded its list of targeted operating systems should be a wake-up call for users of non-Windows platforms.”
The take away here is to always protect one’s computer system and to think through before clicking.