Kaspersky Lab’s cyber threat and research arm Securelist published a report on November 13, 2018, which provides details on the rising trend of cyber attacks on cryptocurrency exchanges in Q3 2018. The report also mentions prominent cyber attack groups including Lazarus as well as observing massive growth in crypto mining attacks.
Q3 2018 Crypto Attack Trend
The notorious cyber hacking group Lazarus has a penchant for being known for all the wrong reasons. On October 22, 2018, a report revealed that the North Korean, state-sponsored group had stolen roughly $571 million worth of cryptocurrencies, and the trend is likely to continue.
The report by Securelist states that the group primarily uses a trojanized cryptocurrency trading application to infect the victim’s system and hack into their data. The attacks by Lazarus will only increase in the future as the cyber outlaws have developed malware for non-Windows platforms, including Mac OS and Linux.
It was also observed that cyber attacks related to ransomware had experienced a “dramatic decline,” while cryptocurrency mining or “cryptojacking” incidents have shot up considerably.
There were a total of 2,735,611 people in 2017 to 2018 who encountered miners online compared to 1,899,236 in the 2016 to 2017 window. Further, it was noted that mining bot-nets accumulated more than $7 million in the second half of 2017.
One of the prime culprits of cryptojacking is the ransomware Trojan Rakhni. The modus operandi of the malware includes masquerading as a financial document attachment in spam emails.
Once the user opens the attached file, the malware begins to search for bitcoin-related folders in the system. In case a crypto related folder is found in the computer, the ransomware encrypts files and demands ransom from the victim; otherwise, it installs a cryptocurrency miner which utilizes power from the oblivious victim’s computer.
Moreover, the report posits that cybercriminals resort to social engineering techniques to dupe people of their digital currencies. Attackers send links to phishing scams that mirror the web pages of popular cryptocurrency exchanges. The first half of 2018 saw 100,000 such phishing attempts to redirect people to fake web pages.
The menace doesn’t stop here, as scammers attempt to milk people’s curiosity towards cryptocurrencies by luring them to fake crypto wallet sites – even promising them registration bonuses, including free crypto.