Report: $1.1 Bln in Crypto Has Been Stolen This Year

Published at: June 8, 2018

Cybersecurity company Carbon Black announced that roughly $1.1 bln worth of digital currency has been stolen in the first half of 2018, CNBC reported June 7.

The security company said that criminals take advantage of the dark web to facilitate large-scale cryptocurrency theft. Estimates reportedly show that there are 12,000 marketplaces and 34,000 offerings associated with cryptotheft hackers can take advantage of. The dark web can be only accessed with the application of special software and allows users to stay anonymous and mostly untraceable.

Carbon Black Security strategist Rick McElroy, who was interviewed by CNBC, said that basic malware costs an average of $224 and can be priced as low as $1.04. McElroy added that it even sometimes comes with a form of customer support. According to the report, the malware marketplace is worth $6.7 mln.

The report notes that thefts can be carried out by organized crime cartels or criminal gangs, but often it’s a highly-trained engineer who works alone and is looking for a means of supplementary income. As explained by McElroy, cyber-theft is “pretty easy to do” and anyone could be capable, not only notorious hacker groups. He added:

"You have nations that are teaching coding, but there's no jobs. It could just be two people in Romania needing to pay rent."

Unlike banking and conventional financial operations, cryptocurrency holders do not have institutional support to protect their savings or cover their losses in case of a fraud or hacker attacks. McElroy said:

"Usually we rely on banks, the tools are out there but investors need to know how to do this. A lot of people are unaware in this new gold rush, people are using cloud wallets and not securing their money."

Per the study, exchanges were the most popular target for cybercriminals this year, making up 27 percent of attacks.

Yesterday Cointelegraph reported that GuardiCore security team discovered a malicious traffic manipulation and cryptocurrency mining campaign. The campaign called Operation Prowli infected over 40,000 machines across various industries, including finance, education, and government.

Tags
Related Posts
Kaspersky: Cryptojacking Increasingly Popular Attack Vector for Botnets
A new bulletin from Russian internet security company Kaspersky Labs published Nov. 28 states that crypto mining malware became increasingly popular among botnets in 2018. Stealth crypto mining attacks – also know as cryptojacking – work by installing malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. According to Kaspersky, after the crypto market bull run subsided in Jan.-Feb. 2018, interest in cryptojacking also briefly tapered off – yet it has nonetheless remained a consistent and current threat throughout the year. Number of unique users attacked by miners in Q1–Q3 2018 Among …
Cryptocurrencies / Nov. 29, 2018
Research: $160 Malware Botnet Tries to Steal Crypto From 72,000 Devices
Around 72,000 devices in 2019 alone were infected during a suspiciously cheap yet successful malware campaign to steal cryptocurrency, new data warns. MasterMana continues to spread According to the research report published by cyberintelligence company Prevailion on Oct. 2, the MasterMana botnet uses budget Russian malware that is delivered as a Trojan via a phishing email scam. The malware itself likely costs just $100, though the hackers also required a virtual public server at a cost of $60. Despite costing just around $160 in total, MasterMana achieved considerable success, Prevailion warned, concluding that the bad actors behind it reached 2,000 …
Cryptocurrencies / Oct. 4, 2019
ESET Flags New Latin American Banking Trojan That Targets Crypto
Major Slovakia-based antivirus software provider ESET has discovered a banking trojan that can steal cryptocurrencies and is especially widespread in Latin America. Primary targets Known as “Casbaneiro” or “Metamorfo,” the newly found malware family targets banks and cryptocurrency services located in Brazil and Mexico, ESET’s editorial arm WeLiveSecurity reports Oct. 3. According to the report, Casbaneiro uses a social engineering execution method, which displays fake pop-up windows misleading potential victims to enter sensitive information. The capabilities of the malware are typical of Latin American banking trojans that can take screenshots and send them to command and control server, simulate keyboard …
Blockchain / Oct. 3, 2019
New Bitcoin Wallet-Focused Trojan Uncovered by Security Researchers
A new Remote Access Trojan (RAT) malware that steals Bitcoin (BTC) wallet data has been discovered by security researchers, according to a Sept. 12 report from Zscaler ThreatLabZ. The RAT, dubbed InnfiRAT, is designed to perform a wide range of tasks on the infected machines, including specifically seeking out Bitcoin and Litecoin (LTC) wallet data. A multi-pronged attack on infected systems As the researchers note, InnfiRAT is written in .NET, a software framework developed by Microsoft and used to develop a wide range of applications. The malware is designed to access and steals personal data stored on victims’ computers — …
Bitcoin / Sept. 19, 2019
New Crypto Mining Malware Beapy Uses Leaked NSA Hacking Tools: Symantec Research
American software security firm Symantec found a spike in a new crypto mining malware that mainly targets enterprises, TechCrunch reports on April 25. The new cryptojacking malware, dubbed Beapy, uses the leaked United States National Security Agency (NSA) hacking tools to spread throughout corporate networks to generate big sums of money from a large amount of computers, the report notes. First spotted in January 2019, Beapy reportedly surged to over 12,000 unique infection across 732 organizations since March, with more than 80% of infections located in China. As found by researchers, Beapy malware is reportedly spread through malicious emails. Once …
United States / April 25, 2019