SAAS Malware Used To Attack Crypto Wallets

Uploaded on 2022-01-24 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The availability of  of cheap and easy-to-use malware on Dark Web markets means that it has never been easier for cyber criminals to steal crypto currencies.  In most cases, industry observers focus on attacks against large organisations, hacks of crypto currency exchanges or ransomware attacks against critical infrastructure. 

Now, hackers are have begun to use this readily available malware to steal smaller amounts of crypto-currency from individual users. 

Crypto currency has been a popular target for cyber criminals, whether they are stealing it via crypto-currency exchanges or demanding it as an extortion payment in ransomware attacks. Now blockchain software experts at Chainalysis  are warning there has been a significant increase in cheap malware available and easy to use by hackers who want to steal crypto-currency from users, resulting in a significant increase of crypto currency theft. 

Crypto Currency & Malware 

The growing value and use of crypto currency means that criminals increasingly launch attacks that aim to steal the money from the digital wallets of individual users. 

Malware refers to malicious software that carries out harmful activity on a victim’s device, usually without their knowledge. This can be as simple as stealing information or money from victims, but can also be much more complex and grand in scale.  For instance, malware operators who have infected enough devices can use those devices as a botnet, having them work in concert to carry out distributed denial-of-service (DDOS) attacks, commit ad fraud, or send spam emails to spread the malware further. 

The vast majority of malware operators receive initial victim payments at private wallet addresses, though a few use addresses hosted by larger services. Of that smaller group, the majority use addresses hosted by exchanges, mostly high-risk exchanges that have low or no KYC (Know Your Customer) requirements.

Chainalysis states that crypto currency users are under threat from malware like information steals, clippers, and trojans. Malware clippers allow attackers to replace text that the user has copied. All of these types of malware are available on dark web sites for relatively small amounts of money. For example, one information stealer called Redline is advertised on Russian cyber crime forums for $150 a month. 

For most cyber criminals seeking to steal crypto currency, it is likely that they will make the money they paid for the malware back within the span of a few attacks. Chainalysis say that the cheap access to malware families such as Redline means that even low-skilled cyber criminals can use them to steal crypto currency from unassuming targets. For crypto users, the threat continues to grow.

Heimdal Security:     Oodaloop:      Chainalysis:      ZDNet:     FuntiTech

You Might Also Read: 

Ransomware And Its Criminal Use:

 

« Red Cross Hacked - Half A Million Victims At Risk
Making Open-Source Software Safer »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ECSC Group

ECSC Group

ECSC is a full-service information security provider, specialising in 24/7/365 security breach detection and Artificial Intelligence (AI).

LogRhythm

LogRhythm

LogRhythm's security platform unifies SIEM, log management, network and endpoint monitoring, user behaviour analytics, security automation and advanced security analytics.

LRQA

LRQA

LRQA are a leading global assurance provider, bringing together unrivalled expertise in certification, brand assurance, cybersecurity, inspection and training.

ClickDatos

ClickDatos

ClickDatos specializes in consulting, auditing, data protection training, accredited by ISO/IEC 27001 certification.

Merlin Cyber

Merlin Cyber

Merlin is a premier cybersecurity platform that leverages security technologies, trusted relationships, and capital to develop and deliver groundbreaking security solutions.

Pryv

Pryv

Pryv is a Swissmade software for privacy, personal data collection, usage, sharing and storage.

Secure Recruitment

Secure Recruitment

Secure Recruitment is a specialist Executive Search business that focuses its efforts on attracting specific exceptional talent in Cyber Security.

Startups.be

Startups.be

Startups.be helps tech entrepreneurs to be successful by providing quality access to service providers, business partners, customers and investors.

GoSecure

GoSecure

GoSecure Managed Detection and Response helps all organizations reduce dwell time by preventing breaches before they happen.

RapidScale

RapidScale

RapidScale’s managed cloud solutions provide reliable, innovative, and secure services, all complete with white-glove service and full management options.

Systems Assessment Bureau (SAB)

Systems Assessment Bureau (SAB)

Systems Assessment Bureau is an internationally recognized ISO Certification Body with a unique vision of “Excel together with global standards”.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

NSI Global

NSI Global

NSI Global is a specialist Global Risk and Intelligence Advisory Firm that has built a reputation for consistently managing complex projects.

Vector Choice Technologies

Vector Choice Technologies

Vector Choice Technology Solutions has a long standing reputation in cyber security consulting since 2008.

ZENDATA

ZENDATA

ZENDATA are an innovative provider of intelligent, tailored cybersecurity solutions to global companies and public sector institutions.

StrongDM

StrongDM

StrongDM is the leader in Zero Trust Privileged Access Management (PAM).