Cryptocurrency Cybercrime Surging In The UK

Uploaded on 2018-07-03 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Cybercrime involving cryptocurrencies is on the rise.The UK’s national reporting center for fraud and cybercrime, Action Fraud, has receently issued warnings about a new phishing campaign using the infamous WannaCry ransomware.

Increase in Ransomware
Action Fraud recently claimed that it had already received 300 reports over recent days about the scam emails, which attempt to trick readers into believing they have an infected computer. 

The emails claim that users’ devices are hacked and that files will be deleted unless a fine is paid in Bitcoin. In reality, the emails are just a phishing exercise used to extort money from unknowing victims.

“The WannaCry emails are designed to cause panic and trick you into believing that your computer is infected with WannaCry ransomware,” Action Fraud said in an alert. 

“In reality the emails are just a phishing exercise to try and extort money. The emails claim that all of your devices were hacked and your files will be deleted unless you pay a fine to the fraudsters in Bitcoin.”

It was last May when reports surrounding WannaCry’s ransomware attacks first appeared. The attacks infected more than 250,000 computers in 150 countries. In the UK, the attacks were widely publicized, having disrupted over 1/3 of National Health Service (NHS) Trusts as well as 600 independent practitioners, causing the cancellation of an estimated 19,000 appointments and operations.

Action Fraud has been called upon several times already to warn UK citizens of scams using WannaCry as bait, although most happened in the weeks following the initial outbreak.  Other examples of attacks saw BT Group-branded phishing emails that urged users to click to confirm a security update apparently carried out by the communications giant to protect them following the initial attacks. Unfortunately, users were tricked.

“One victim fell for the scam after calling a ‘help’ number advertised on a pop-up window. The window which wouldn’t close said the victim had been affected by WannaCry Ransomware,” Action Fraud said. 

“The victim granted the fraudsters remote access to their PC after being convinced there wasn’t sufficient anti-virus protection. The fraudsters then installed Windows Malicious Software Removal Tool, which is actually free and took £320 as payment.”
Action Fraud offers several tips on how to protect oneself from attacks from WannaCry and similar ransomware:

“If you receive one of these emails, delete it and report it to us. Do not email the fraudsters or make the payment in Bitcoin. Additionally, you should always update your Anti-Virus software and operating systems regularly and follow our advice on how to deal with ransomware.”

Crypto and Cybercrime
The largest category of cybercrime involving cryptocurrency so far in 2018 have been exchange-related which have accounted for up to 27% of attacks. The second largest group of victims of cybercrime were regular people and businesses. According to the cybersecurity firm Carbon Black, these made up 21% of the total crimes involving crypto-currency. 

The most common method used is ransomware like WannaCry, although there are others, like crypto-jacking (illegal coin mining).

According to Helge Husemann, product manager for internet security firm Malwarebytes, crypto-jacking as a form of cybercrime has been on the rise. Just last year YouTube experienced a threefold increase in illegal coin mining via malware-embedded ads. 

He also noted that Showtime, Browsealoud, as well as UK government websites, and more, fell victim to illegal mining scams. Some of these went undetected for several months, netting the hackers behind the attacks hefty profits. 

Husemann said that on average, Malwarebytes has been blocking eight million malicious mining attempts per day, equating to an astonishing 248 million per month.

“The illicit gains from illegal crypto-mining contribute to financing the criminal ecosystem, costing billions of dollars in losses and disruption of business services from compromised assets.”

NewsBTC

You Might Also Read: 

Bitcoin Exchanges Under Siege:

Cryptocurrency Malware Theft Is Worth Millions:
 

 

« Is GDPR Good For SME Data?
A Brief History Of Cyber-Deterrence »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

PlaxidityX

PlaxidityX

PlaxidityX (formerly Argus Cyber Security) is a global leader in mobility cyber security, provides DevSecOps, vehicle protection and fleet protection technologies and services.

Referentia

Referentia

Referentia leads the development of critical infrastructure solutions that benefit society, including cyber security and network performance management.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) is the Directorate of MCIT responsible for the security of critical information infrastructures in Afghanistan.

Cynterra

Cynterra

Cynterra is a next generation cloud cyber security and data analytical service provider offering cloud security compliance, data protection, visibility and threat protection services.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Cirosec

Cirosec

Cirosec is a specialized company with a focus on information security. We carry out pentests & audits and advise our customers in the German-speaking countries on information and IT security issues.

Hyperion Gray

Hyperion Gray

Hyperion Gray are a small research and development team focused on innovative work in a variety of areas including Software & Security Research, Penetration Testing, Incident Response, and Red Teaming

TryHackMe

TryHackMe

TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. We have content for both complete beginners and seasoned hackers.

RNTrust

RNTrust

RNTrust provide solutions to meet today’s digital challenges utilizing digital technologies and services to make you more secured in digitally connected environment.

HackNotice

HackNotice

HackNotice Teams is an all-in-one encompassing tool that monitors threats within your organization, different vendors, and third parties whose services you use.

Acumera

Acumera

Acumera is a leader in managed network security, visibility and automation services.

1Touch.io

1Touch.io

1touch.io Inventa is an AI-based, sustainable data discovery and classification platform that provides automated, near real-time discovery, mapping, and cataloging of all sensitive data.

BluTinuity

BluTinuity

BluTinuity is a premier management consulting firm with a passion for information security, business continuity, incident response, disaster recovery, and HIPAA security.

Saidot

Saidot

Saidot is a Finnish AI governance and alignment company committed to helping businesses safely and transparently integrate AI into their operations.

Panasonic Automotive Systems

Panasonic Automotive Systems

Panasonic Automotive Systems brings together security technologies and human resources cultivated across an extensive range of businesses into the automotive field.