SAAS Malware Used To Attack Crypto Wallets

Uploaded on 2022-01-24 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The availability of  of cheap and easy-to-use malware on Dark Web markets means that it has never been easier for cyber criminals to steal crypto currencies.  In most cases, industry observers focus on attacks against large organisations, hacks of crypto currency exchanges or ransomware attacks against critical infrastructure. 

Now, hackers are have begun to use this readily available malware to steal smaller amounts of crypto-currency from individual users. 

Crypto currency has been a popular target for cyber criminals, whether they are stealing it via crypto-currency exchanges or demanding it as an extortion payment in ransomware attacks. Now blockchain software experts at Chainalysis  are warning there has been a significant increase in cheap malware available and easy to use by hackers who want to steal crypto-currency from users, resulting in a significant increase of crypto currency theft. 

Crypto Currency & Malware 

The growing value and use of crypto currency means that criminals increasingly launch attacks that aim to steal the money from the digital wallets of individual users. 

Malware refers to malicious software that carries out harmful activity on a victim’s device, usually without their knowledge. This can be as simple as stealing information or money from victims, but can also be much more complex and grand in scale.  For instance, malware operators who have infected enough devices can use those devices as a botnet, having them work in concert to carry out distributed denial-of-service (DDOS) attacks, commit ad fraud, or send spam emails to spread the malware further. 

The vast majority of malware operators receive initial victim payments at private wallet addresses, though a few use addresses hosted by larger services. Of that smaller group, the majority use addresses hosted by exchanges, mostly high-risk exchanges that have low or no KYC (Know Your Customer) requirements.

Chainalysis states that crypto currency users are under threat from malware like information steals, clippers, and trojans. Malware clippers allow attackers to replace text that the user has copied. All of these types of malware are available on dark web sites for relatively small amounts of money. For example, one information stealer called Redline is advertised on Russian cyber crime forums for $150 a month. 

For most cyber criminals seeking to steal crypto currency, it is likely that they will make the money they paid for the malware back within the span of a few attacks. Chainalysis say that the cheap access to malware families such as Redline means that even low-skilled cyber criminals can use them to steal crypto currency from unassuming targets. For crypto users, the threat continues to grow.

Heimdal Security:     Oodaloop:      Chainalysis:      ZDNet:     FuntiTech

You Might Also Read: 

Ransomware And Its Criminal Use:

 

« Red Cross Hacked - Half A Million Victims At Risk
Making Open-Source Software Safer »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DLA Piper

DLA Piper

DLA Piper is a global law firm with offices throughout the Americas, Asia Pacific, Europe and the Middle East. Practice areas include Cybersecurity.

Axis Capital

Axis Capital

AXIS Insurance’s Professional Lines Division is a leading underwriter of technology/cyber coverage and other specialty products around the globe.

Intrasoft International

Intrasoft International

Intrasoft International is a leading European IT Solutions and Services Group offering a full range of IT services including Information Security.

Clearswift

Clearswift

Clearswift is trusted by businesses, governments and defense organizations globally for its Adaptive Cyber Security and Data Loss Prevention solutions.

Bluink

Bluink

Bluink specializes in identity and access management and customer identity verification, using your smartphone as a strong authenticator and secure identity store.

Deceptive Bytes

Deceptive Bytes

Deceptive Bytes provides an Active Endpoint Deception platform that dynamically responds to attacks as they evolve and changes their outcome.

Trustonic

Trustonic

Trustonic is a leader in the device security market. Our mission is to protect apps, secure devices & enable trust.

Start Left® Security

Start Left® Security

Great security culture doesn't just happen; you ENGINEER it.

Romanian Tech Startup Association (ROTSA)

Romanian Tech Startup Association (ROTSA)

Romanian Tech Startups Association is an umbrella organization that aims to promote, support and represent the interests of tech startups in Romania.

Centric Consulting

Centric Consulting

Centric Consulting is an international management consulting firm with unmatched expertise in business transformation, AI strategy, cyber risk management, technology implementation and adoption. 

Protos Labs

Protos Labs

Protos Labs enables insurers & enterprises to make better cyber risk decisions through holistic, real-time risk management tools.

Cipher Net Shield

Cipher Net Shield

Cipher Net Shield specializes in secure E-wallet solutions with a strong focus on blockchain and cybersecurity, prioritizing both transaction security and the recovery of lost capital.

IT-Schulungen.com / New Elements GmbH

IT-Schulungen.com / New Elements GmbH

Under the name IT-Schulungen.com, the Nuremberg-based New Elements GmbH has been operating one of the largest training centres in the German-speaking world for over 20 years.

Merkle Science

Merkle Science

Merkle Science provides next generation risk mitigation, compliance and forensics for crypto-native businesses, DeFi participants, financial institutions & government agencies.

Sage IT

Sage IT

Sage IT offer a wide range of professional and consulting services to help organizations overcome the challenges of today's ever-changing business environment.

Boldend

Boldend

Boldend offers leading-edge offensive and defensive cybersecurity solutions that empower government and commercial organizations to stay resilient in an evolving threat landscape.