SAAS Malware Used To Attack Crypto Wallets

The availability of  of cheap and easy-to-use malware on Dark Web markets means that it has never been easier for cyber criminals to steal crypto currencies.  In most cases, industry observers focus on attacks against large organisations, hacks of crypto currency exchanges or ransomware attacks against critical infrastructure. 

Now, hackers are have begun to use this readily available malware to steal smaller amounts of crypto-currency from individual users. 

Crypto currency has been a popular target for cyber criminals, whether they are stealing it via crypto-currency exchanges or demanding it as an extortion payment in ransomware attacks. Now blockchain software experts at Chainalysis  are warning there has been a significant increase in cheap malware available and easy to use by hackers who want to steal crypto-currency from users, resulting in a significant increase of crypto currency theft. 

Crypto Currency & Malware 

The growing value and use of crypto currency means that criminals increasingly launch attacks that aim to steal the money from the digital wallets of individual users. 

Malware refers to malicious software that carries out harmful activity on a victim’s device, usually without their knowledge. This can be as simple as stealing information or money from victims, but can also be much more complex and grand in scale.  For instance, malware operators who have infected enough devices can use those devices as a botnet, having them work in concert to carry out distributed denial-of-service (DDOS) attacks, commit ad fraud, or send spam emails to spread the malware further. 

The vast majority of malware operators receive initial victim payments at private wallet addresses, though a few use addresses hosted by larger services. Of that smaller group, the majority use addresses hosted by exchanges, mostly high-risk exchanges that have low or no KYC (Know Your Customer) requirements.

Chainalysis states that crypto currency users are under threat from malware like information steals, clippers, and trojans. Malware clippers allow attackers to replace text that the user has copied. All of these types of malware are available on dark web sites for relatively small amounts of money. For example, one information stealer called Redline is advertised on Russian cyber crime forums for $150 a month. 

For most cyber criminals seeking to steal crypto currency, it is likely that they will make the money they paid for the malware back within the span of a few attacks. Chainalysis say that the cheap access to malware families such as Redline means that even low-skilled cyber criminals can use them to steal crypto currency from unassuming targets. For crypto users, the threat continues to grow.

Heimdal Security:     Oodaloop:      Chainalysis:      ZDNet:     FuntiTech

You Might Also Read: 

Ransomware And Its Criminal Use:

 

« Red Cross Hacked - Half A Million Victims At Risk
Making Open-Source Software Safer »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

HackRead

HackRead

HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends.

Virtual Security

Virtual Security

Virtual Security provides solutions in the field of managed security services, network security, secure remote work, responsible internet, application security, encryption, BYOD and compliance.

Kaseya

Kaseya

Kaseya is a premier provider of unified IT management and security software for managed service providers (MSPs) and small to medium-sized businesses (SMBS).

Cyber Together

Cyber Together

Cyber Together is dedicated to advancing the cyber security industry by giving businesses access to Israel’s leaders, innovators and great minds in the field of cyber security.

APrivacy

APrivacy

APrivacy provides information and communication security products for the financial services industry.

ATSEC Information Security

ATSEC Information Security

ATSEC is an independent, privately-owned company that focuses on providing laboratory and consulting services for information security.

PhishLabs

PhishLabs

PhishLabs provides 24/7 services that help organizations protect against the cyberattacks targeting their employees, their customers and their brands.

Malleum

Malleum

MALLEUM are specialists in penetration testing and security assessments. We think like hackers – and act like them – to disclose discreet dangers to your organization.

Crown Sterling

Crown Sterling

Crown Sterling delivers next generation software-based, AI-driven cryptography in the form of random number generators and encryption products.

Wayra

Wayra

Wayra connects Telefónica and technological disruptors around the world. As their preferred strategic partner, we scale them up to accelerate their business and ours.

CyberSafe

CyberSafe

CyberSafe is a Portuguese company with a focus on cybersecurity solutions and services including network security, managed security, incident response and forensic analysis.

South East Cyber Resilience Centre (SECRC)

South East Cyber Resilience Centre (SECRC)

The South East Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

PCI Security Standards Council (PCI SSC)

PCI Security Standards Council (PCI SSC)

The PCI Security Standards Council is a global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments.

NetApp

NetApp

The NetApp portfolio includes intelligent cloud services, data services, and storage infrastructure that helps organizations manage applications and data everywhere across hybrid cloud environments.

The Hacking Games

The Hacking Games

The Hacking Games' Mission is to inspire, educate and mobilise a generation of ethical hackers to make the world a safer place.

Proaxiom

Proaxiom

Proaxiom are focused on erasing cyber driven panic paralysis for Small and Medium Enterprises through brilliant cyber technologies which drive productivity and support growth.