How
cryptocurrency is shaping today’s threat environment
cryptocurrency is shaping today’s threat environment
Cryptocurrency has
exploded as a popular way to support digital transactions. Since its creation,
users have discovered an array of different ways to leverage cryptocurrency,
including within mining strategies and digital wallets.
exploded as a popular way to support digital transactions. Since its creation,
users have discovered an array of different ways to leverage cryptocurrency,
including within mining strategies and digital wallets.
Expanded use cases and
interest helped propel the value of digital currency like Bitcoin. At the time
of this writing, the market price for Bitcoin stood at
over $9,450, with a market trade volume of more than $8.5
million, though the value of Bitcoin has fluctuated wildly over the past few
months.
interest helped propel the value of digital currency like Bitcoin. At the time
of this writing, the market price for Bitcoin stood at
over $9,450, with a market trade volume of more than $8.5
million, though the value of Bitcoin has fluctuated wildly over the past few
months.
At the same time,
however, a digital currency that was untraceable and unlinked to any specific
banking organization also considerably appealed to hackers. In addition to
legitimate uses and mining, cybercriminals have also taken advantage of
cryptocurrency, and this use is shaping the current threat environment.
however, a digital currency that was untraceable and unlinked to any specific
banking organization also considerably appealed to hackers. In addition to
legitimate uses and mining, cybercriminals have also taken advantage of
cryptocurrency, and this use is shaping the current threat environment.
The appeal of cryptocurrency
While many consider
2017 to be the year that cryptocurrency crossed over into the mainstream,
individuals have actually been using Bitcoin and other types of cryptocurrency
for several years now, representing a main driving force behind the blockchain
concept.
2017 to be the year that cryptocurrency crossed over into the mainstream,
individuals have actually been using Bitcoin and other types of cryptocurrency
for several years now, representing a main driving force behind the blockchain
concept.
At its most basic,
cryptocurrency can be thought of as digital or electronic money. However, a
main differentiating factor between cryptocurrency and other digital
transactions is the fact that currencies like Bitcoin don’t require the
verification or backing of a central bank or financial service provider.
cryptocurrency can be thought of as digital or electronic money. However, a
main differentiating factor between cryptocurrency and other digital
transactions is the fact that currencies like Bitcoin don’t require the
verification or backing of a central bank or financial service provider.
“Instead, it
uses cryptography to confirm
transactions on a publicly distributed ledger called the blockchain,
enabling direct peer-to-peer payments,” The Motley Fool contributor Adam Levy
wrote.
uses cryptography to confirm
transactions on a publicly distributed ledger called the blockchain,
enabling direct peer-to-peer payments,” The Motley Fool contributor Adam Levy
wrote.
Cryptocurrency offers
numerous benefits for white hat users, including streamlined digital
transactions and increased privacy. These same type of advantages, however,
also appealed to hackers who saw Bitcoin and other cryptocurrencies as the
ideal element to support malicious infections like ransomware. The fact that
the currency supports certain privacy benefits also makes it ideal
for enabling payments that cannot be tracked back to the malicious actor
behind an infection – and that’s just how cybercriminals have leveraged it.
numerous benefits for white hat users, including streamlined digital
transactions and increased privacy. These same type of advantages, however,
also appealed to hackers who saw Bitcoin and other cryptocurrencies as the
ideal element to support malicious infections like ransomware. The fact that
the currency supports certain privacy benefits also makes it ideal
for enabling payments that cannot be tracked back to the malicious actor
behind an infection – and that’s just how cybercriminals have leveraged it.
As Dr. Kevin Curran,
Ulster University professor of cybersecurity, told The Guardian contributor
Simon Usborne, the level of anonymity cryptocurrency enables was a capability
that hackers struggled with previously.
Ulster University professor of cybersecurity, told The Guardian contributor
Simon Usborne, the level of anonymity cryptocurrency enables was a capability
that hackers struggled with previously.
“The odd hacker here
or there could deliver a message to send money via Western Union or to a bank
account, but that transfer was
always traceable once the authorities were involved,”
Curran said.
or there could deliver a message to send money via Western Union or to a bank
account, but that transfer was
always traceable once the authorities were involved,”
Curran said.
This all considerably
changed with the emergence of cryptocurrency, which, as Usborne pointed out,
provides specific advantages that attracted hackers’ attention.
changed with the emergence of cryptocurrency, which, as Usborne pointed out,
provides specific advantages that attracted hackers’ attention.
“It offers two major
advantages for cybercriminals: by operating as a decentralized currency, in
which people pay each other without a middleman (like a bank or credit card
company), it provides a lot of anonymity,” Usborne wrote.
advantages for cybercriminals: by operating as a decentralized currency, in
which people pay each other without a middleman (like a bank or credit card
company), it provides a lot of anonymity,” Usborne wrote.
Supporting ransomware: Wallet hacking
One of the best
examples of cryptocurrency shaping today’s threat environment comes in
connection with the veritable tidal wave of ransomware attacks that have taken
place in recent years. These attacks include strong encryption to block
legitimate user access as well as a ransom demanding payment in the form of
untraceable cryptocurrency for the decryption key. In this way, Bitcoin and
cryptocurrency led to the significant rise and continued success of malicious
ransomware infections.
examples of cryptocurrency shaping today’s threat environment comes in
connection with the veritable tidal wave of ransomware attacks that have taken
place in recent years. These attacks include strong encryption to block
legitimate user access as well as a ransom demanding payment in the form of
untraceable cryptocurrency for the decryption key. In this way, Bitcoin and
cryptocurrency led to the significant rise and continued success of malicious
ransomware infections.
As Trend Micro reported,
hackers have even begun upcycling older ransomware threats to include new
cryptocurrency-centered malicious capabilities. One instance encompasses the
Cerber ransomware family, which has seen developments in the past. Most
recently, hackers had leveraged Cerber for cryptocurrency
theft.
hackers have even begun upcycling older ransomware threats to include new
cryptocurrency-centered malicious capabilities. One instance encompasses the
Cerber ransomware family, which has seen developments in the past. Most
recently, hackers had leveraged Cerber for cryptocurrency
theft.
A current Cerber infection
still includes many familiar elements: infection typically begins with a
malicious emailed file attachment which delivers the Cerber variant. This
newest version enables the ransomware to target Bitcoin wallets, in addition to
encrypting and blocking access to files.
still includes many familiar elements: infection typically begins with a
malicious emailed file attachment which delivers the Cerber variant. This
newest version enables the ransomware to target Bitcoin wallets, in addition to
encrypting and blocking access to files.
“How it goes about
this is relatively simple: it targets the wallet files of three Bitcoin wallet
applications (the first-party Bitcoin Core wallet, and the third-party wallets
Electrum and Multibit),” Trend Micro researchers Gilbert Sison and Janus
Agcaoili wrote. “It also deletes the wallet files once they have been sent to
the servers, adding to the injury of victims.”
this is relatively simple: it targets the wallet files of three Bitcoin wallet
applications (the first-party Bitcoin Core wallet, and the third-party wallets
Electrum and Multibit),” Trend Micro researchers Gilbert Sison and Janus
Agcaoili wrote. “It also deletes the wallet files once they have been sent to
the servers, adding to the injury of victims.”
Successful theft would
still require hackers to steal, guess or otherwise breach the password
protection on the victim’s wallet. However, because Cerber is able to steal
saved passwords from Internet Explorer, Chrome and Firefox, this isn’t a difficult
jump for hackers to make.
still require hackers to steal, guess or otherwise breach the password
protection on the victim’s wallet. However, because Cerber is able to steal
saved passwords from Internet Explorer, Chrome and Firefox, this isn’t a difficult
jump for hackers to make.
Cryptocurrency is attractive to cybercriminals
and has shaped the current threat landscape. This ransomware-driven
cryptocurrency wallet hacking comes on top of other attempts to break into
victims’ cryptocurrency repositories. This has become a popular pursuit, with
wallets being treated as low-hanging fruit for hackers who know the currency can’t
be traced.
and has shaped the current threat landscape. This ransomware-driven
cryptocurrency wallet hacking comes on top of other attempts to break into
victims’ cryptocurrency repositories. This has become a popular pursuit, with
wallets being treated as low-hanging fruit for hackers who know the currency can’t
be traced.
As Fortune reported,
though, particularly flagrant attackers that steal the contents of digital
wallets are now being uncovered. One Ukrainian hacker called Coinharder has
been identified, and has stolen over $50 million in
cryptocurrency using a tactic involving malicious Google
advertisements targeting individuals who search for keywords like “blockchain”
or “bitcoin wallet.” The ads, purchased by hackers, display links to websites
posing as legitimate marketplaces for cryptocurrency wallets, but actually
steal digital currency.
though, particularly flagrant attackers that steal the contents of digital
wallets are now being uncovered. One Ukrainian hacker called Coinharder has
been identified, and has stolen over $50 million in
cryptocurrency using a tactic involving malicious Google
advertisements targeting individuals who search for keywords like “blockchain”
or “bitcoin wallet.” The ads, purchased by hackers, display links to websites
posing as legitimate marketplaces for cryptocurrency wallets, but actually
steal digital currency.
“Fooled into believing
they had come to the right place, victims then entered private information that
allowed hackers to gain access to their actual wallets and take their digital
money,” explained Fortune contributor Jen Wieczner.
they had come to the right place, victims then entered private information that
allowed hackers to gain access to their actual wallets and take their digital
money,” explained Fortune contributor Jen Wieczner.
As cryptocurrency
continues to explode in popularity among consumers and other users, chances are
very good that attempts to steal from cryptocurrency wallets will continue in
the near future.
continues to explode in popularity among consumers and other users, chances are
very good that attempts to steal from cryptocurrency wallets will continue in
the near future.
Cryptocurrency mining: Coming to mobile
Supporting ransomware
and digital wallet theft aren’t the only ways in which cryptocurrency has
shifted the current threat landscape. Hackers are also working to take
advantage of the recent cryptocurrency mining push, which essentially rewards
users with cryptocurrency for adding blocks of amassed transactions to the
blockchain publicly distributed ledger.
and digital wallet theft aren’t the only ways in which cryptocurrency has
shifted the current threat landscape. Hackers are also working to take
advantage of the recent cryptocurrency mining push, which essentially rewards
users with cryptocurrency for adding blocks of amassed transactions to the
blockchain publicly distributed ledger.
As Trend Micro
reported in its 2017 Annual Security Roundup report, hackers have even
attempted to bring cryptocurrency mining capabilities to the mobile malware
environment. Trend Micro even discovered several malicious cryptocurrency
mining apps in the Google Play store in the fall of 2017.
These leverage the victim device’s CPU for mining activity which benefits the
hacker.
reported in its 2017 Annual Security Roundup report, hackers have even
attempted to bring cryptocurrency mining capabilities to the mobile malware
environment. Trend Micro even discovered several malicious cryptocurrency
mining apps in the Google Play store in the fall of 2017.
These leverage the victim device’s CPU for mining activity which benefits the
hacker.
“The efficacy of
mobile devices to actually produce cryptocurrency in any meaningful amount is
still doubtful,” Trend Micro’s Jason Gu, Veo Zhang and Steven Shen stressed.
“However, the effects on users of affected devices are clear: increased device
wear and tear, reduced battery life, comparably slower performance.”
mobile devices to actually produce cryptocurrency in any meaningful amount is
still doubtful,” Trend Micro’s Jason Gu, Veo Zhang and Steven Shen stressed.
“However, the effects on users of affected devices are clear: increased device
wear and tear, reduced battery life, comparably slower performance.”
To find out more about
the ways in which cryptocurrency has impacted today’s risk landscape, download
Trend Micro’s full 2017 Annual Security Roundup: The Paradox of Cyberthreats.
the ways in which cryptocurrency has impacted today’s risk landscape, download
Trend Micro’s full 2017 Annual Security Roundup: The Paradox of Cyberthreats.
For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!
