🚀 CloudSEK has raised $19M Series B1 Round – Powering the Future of Predictive Cybersecurity
Read More
Identify and counter malicious links and phishing attempts effectively with CloudSEK XVigil Fake URLs and Phishing module, bolstering your defense against cyber threats
Schedule a DemoSince its advent in 2008, cryptocurrency has made a giant leap from being a part of the science community to become a common topic of discussion in almost every gathering, real or virtual. It is important to note the qualities of crypto which make it a lucrative mode of currency, it also attracts cybercriminals who use these features to trick potential victims and increase their profits. Paired with the global pandemic, remote working, and an overall fragile cybersecurity infrastructure it should come as no shock that in the year 2021, there have been a number of cybersecurity incidents as well as an increase in new attack vectors such as VPN and RDP. According to the data gathered by CloudSEK, crypto-related cyber attacks accounted for 2.9% of all reported cyber threats in 2021 with an 8.4% increase from February to October.
The growing cases of crypto scams and cyberattacks have affected millions of investors around the world and have also led to a decrease in the value of crypto-related stocks. In this paper, we have brought together data from XVigil and various other sources to provide you with an overview of the rise in Cryptocurrency-related cyber attacks in 2021.
Even in a short period of time, threat actors have successfully developed various vectors to exploit cryptocurrencies. Following are the most common types of attacks prevalent against cryptocurrencies.
Hackers achieve this via infecting websites or online ads with JavaScript code that auto-executes once loaded in the victim’s browser, or by convincing the victim to click on a malicious link in a customized email that loads the crypto mining code on the machine. Once the code is loaded, it executes in the background, unnoticed by the victim. The only visible signs of this are a decrease in CPU performance and slowness of the system.
Fraudsters find it easy to conduct these scams since most people are unfamiliar with cryptocurrencies.
Information from statista.com suggests that due to developments involving Tesla and Coinbase, Bitcoin (BTC) was worth more than USD 60,000 in both February and April 2021. The news by Tesla that it had purchased USD 1.5 billion worth digital coins, as well as the IPO of the United States’ largest crypto exchange, attracted widespread attention including that of cyber threat actors. Investments by notable firms such as Grayscal and MicroStrategy provided a huge publicity to crypto. MicroStrategy is the first publicly traded company to invest significant treasury assets in Bitcoin.
Besides this, tweets by Elon Musk, Gene Simmons, and Carole Baskin, among others, assisted in speeding up crypto adoption among the general public. The data gathered by XVigil indicates that there has been a significant increase in crypto-based cyber threats from April to June 2021 and from August to September 2021. Thus suggesting that the hype surrounding cryptocurrencies has made it a desirable target for cybercriminals.
After analyzing the data gathered by XVigil, from multiple platforms across the internet, we found that the majority of crypto-based cyber incidents in 2021 had a global impact. A major reason for this can be the ease of conversion of bitcoin into a particular currency as compared to inter-currency conversions. For example, to purchase a product in American Dollars, Indians would have to convert INR to USD, and any remaining change would have to be converted back to INR. Whereas, in the case of bitcoin users can directly deal with bitcoin and save the change for future purchases that use bitcoin.
In the first three quarters of 2021, Asia & Pacific recorded the second-highest number of crypto-based incidents closely followed by Europe, North America, South & Latin America, and Africa.
Data acquired by XVigil indicates that the sale and purchase of datasets from various crypto exchanging platforms accounted for the majority of threat posts i.e 47.2% of overall crypto-based cyber attacks. Malware, accesses, vulnerabilities, and exploits were among the other prominent data types targeted. Here is a collection of the most intriguing advertisements discovered through our Threat Intelligence field research.
2. Actor selling the user database from Shakepay.com, a website that allows Canadians to buy or sell bitcoin and pay their friends. The alleged database contains 387K unique records.
3. Actor selling methods to bypass 2FA (two-factor authentication) on crypto exchange accounts from Binance. Binance is a cryptocurrency exchange that is currently the largest exchange in the world in terms of the daily trading volume of cryptocurrencies. The actor mentions that the buyers need not log in to execute this attack and is offering this service for USD 500.
4. Actor sharing Nexus stealer malware, with easy control from the admin panel. Through it, an attacker can get the files for access to crypto wallets, among other things.
5. A threat actor is selling 3.1 million email records of the world’s most trusted & accurate source for crypto market capitalizations, pricing, and information, i.e CoinMarketCap.
6. Actor selling the PoC (Proof of Concept) for a vulnerability present in LocalBitcoin.com, one of the leading peer-to-peer Bitcoin trading platforms in the world. The alleged vulnerability is based on the internal transactions with LBC accounts which is practically similar to spending double the amount.
Poly Network is a decentralized finance (DeFi) network that allows users to trade or swap tokens across different blockchains. Tokens are traded between blockchains using a smart contract that specifies when the assets should be released to the counterparties. According to a preliminary assessment, the hackers exploited a weakness in this smart contract and stole funds in over 12 different cryptocurrencies, including Ether and a Bitcoin variant.
There have been multiple cases of scams and cyber attacks against cryptocurrencies, which have put the public in a state of dilemma when it comes to investing in crypto. Listed below are the major impact of these attacks on crypto exchanges and investments:
The returns involved in crypto investments are remarkable, making it nearly hard to avoid them. Cryptocurrency security, on the other hand, has become a prevalent issue among investors. While safeguarding digital assets is difficult, here are some recommended practices to follow to keep your digital cash safe.
Given the popularity of cryptocurrencies and the growing adoption among a wide range of users, it will become progressively more complex and energy-intensive to track and trace crypto transactions. Hence it is essential for users, investors, and government agencies across the globe to adopt safe practices, use reliable crypto exchanges, and develop policies that create a safe DeFi ecosystem. To safeguard themselves from crypto attacks and hacks, users must educate themselves on how to safely participate in cryptocurrency exchanges before investing their money. Alternatively, there are numerous options in terms of exchanges and digital wallets where the customer can store their digital currency. Hence, an informed customer must weigh the advantages and disadvantages of each of these options and make an informed decision.
A good provider will often have features like multi-factor authentication, SSL/TLS encryption for facilitating and safeguarding crypto transactions. Therefore, before choosing a financial services provider, the users must read the privacy and security policies of the concerned institution. Additionally, companies should equip their users with adequate knowledge and tools to protect their data and money in a world full of digital frauds. The right company will maintain transparency with its customers and help them have a secure crypto banking experience.
Discover how to navigate and protect against Dark Web threats. Learn about cyber risks, real-time monitoring, and securing your digital presence.
On 23 October 2023, CloudSEK’s Threat Intelligence Team detected a Ransomware-as-a-Service (RaaS) group, named QBit introducing a newly developed ransomware written in Go, boasting advanced features to optimize its malicious operations.
Cyclops, now renamed as Knight also known as Cyclops 2.0, debuted in May 2023. The Cyclops group has successfully developed ransomware that can infect all three major platforms: Windows, Linux, macOS, ESXi and Android.
Take action now
CloudSEK Platform is a no-code platform that powers our products with predictive threat analytic capabilities.
Digital Risk Protection platform which gives Initial Attack Vector Protection for employees and customers.
Software and Supply chain Monitoring providing Initial Attack Vector Protection for Software Supply Chain risks.
Creates a blueprint of an organization's external attack surface including the core infrastructure and the software components.
Instant Security Score for any Android Mobile App on your phone. Search for any app to get an instant risk score.
min read
Cryptocurrency: An Emerging Target for Cyberattacks
Since its advent in 2008, cryptocurrency has made a giant leap from being a part of the science community to become a common topic of discussion in almost every gathering, real or virtual. It is important to note the qualities of crypto which make it a lucrative mode of currency, it also attracts cybercriminals who use these features to trick potential victims and increase their profits. Paired with the global pandemic, remote working, and an overall fragile cybersecurity infrastructure it should come as no shock that in the year 2021, there have been a number of cybersecurity incidents as well as an increase in new attack vectors such as VPN and RDP. According to the data gathered by CloudSEK, crypto-related cyber attacks accounted for 2.9% of all reported cyber threats in 2021 with an 8.4% increase from February to October.
The growing cases of crypto scams and cyberattacks have affected millions of investors around the world and have also led to a decrease in the value of crypto-related stocks. In this paper, we have brought together data from XVigil and various other sources to provide you with an overview of the rise in Cryptocurrency-related cyber attacks in 2021.
Even in a short period of time, threat actors have successfully developed various vectors to exploit cryptocurrencies. Following are the most common types of attacks prevalent against cryptocurrencies.
Hackers achieve this via infecting websites or online ads with JavaScript code that auto-executes once loaded in the victim’s browser, or by convincing the victim to click on a malicious link in a customized email that loads the crypto mining code on the machine. Once the code is loaded, it executes in the background, unnoticed by the victim. The only visible signs of this are a decrease in CPU performance and slowness of the system.
Fraudsters find it easy to conduct these scams since most people are unfamiliar with cryptocurrencies.
Information from statista.com suggests that due to developments involving Tesla and Coinbase, Bitcoin (BTC) was worth more than USD 60,000 in both February and April 2021. The news by Tesla that it had purchased USD 1.5 billion worth digital coins, as well as the IPO of the United States’ largest crypto exchange, attracted widespread attention including that of cyber threat actors. Investments by notable firms such as Grayscal and MicroStrategy provided a huge publicity to crypto. MicroStrategy is the first publicly traded company to invest significant treasury assets in Bitcoin.
Besides this, tweets by Elon Musk, Gene Simmons, and Carole Baskin, among others, assisted in speeding up crypto adoption among the general public. The data gathered by XVigil indicates that there has been a significant increase in crypto-based cyber threats from April to June 2021 and from August to September 2021. Thus suggesting that the hype surrounding cryptocurrencies has made it a desirable target for cybercriminals.
After analyzing the data gathered by XVigil, from multiple platforms across the internet, we found that the majority of crypto-based cyber incidents in 2021 had a global impact. A major reason for this can be the ease of conversion of bitcoin into a particular currency as compared to inter-currency conversions. For example, to purchase a product in American Dollars, Indians would have to convert INR to USD, and any remaining change would have to be converted back to INR. Whereas, in the case of bitcoin users can directly deal with bitcoin and save the change for future purchases that use bitcoin.
In the first three quarters of 2021, Asia & Pacific recorded the second-highest number of crypto-based incidents closely followed by Europe, North America, South & Latin America, and Africa.
Data acquired by XVigil indicates that the sale and purchase of datasets from various crypto exchanging platforms accounted for the majority of threat posts i.e 47.2% of overall crypto-based cyber attacks. Malware, accesses, vulnerabilities, and exploits were among the other prominent data types targeted. Here is a collection of the most intriguing advertisements discovered through our Threat Intelligence field research.
2. Actor selling the user database from Shakepay.com, a website that allows Canadians to buy or sell bitcoin and pay their friends. The alleged database contains 387K unique records.
3. Actor selling methods to bypass 2FA (two-factor authentication) on crypto exchange accounts from Binance. Binance is a cryptocurrency exchange that is currently the largest exchange in the world in terms of the daily trading volume of cryptocurrencies. The actor mentions that the buyers need not log in to execute this attack and is offering this service for USD 500.
4. Actor sharing Nexus stealer malware, with easy control from the admin panel. Through it, an attacker can get the files for access to crypto wallets, among other things.
5. A threat actor is selling 3.1 million email records of the world’s most trusted & accurate source for crypto market capitalizations, pricing, and information, i.e CoinMarketCap.
6. Actor selling the PoC (Proof of Concept) for a vulnerability present in LocalBitcoin.com, one of the leading peer-to-peer Bitcoin trading platforms in the world. The alleged vulnerability is based on the internal transactions with LBC accounts which is practically similar to spending double the amount.
Poly Network is a decentralized finance (DeFi) network that allows users to trade or swap tokens across different blockchains. Tokens are traded between blockchains using a smart contract that specifies when the assets should be released to the counterparties. According to a preliminary assessment, the hackers exploited a weakness in this smart contract and stole funds in over 12 different cryptocurrencies, including Ether and a Bitcoin variant.
There have been multiple cases of scams and cyber attacks against cryptocurrencies, which have put the public in a state of dilemma when it comes to investing in crypto. Listed below are the major impact of these attacks on crypto exchanges and investments:
The returns involved in crypto investments are remarkable, making it nearly hard to avoid them. Cryptocurrency security, on the other hand, has become a prevalent issue among investors. While safeguarding digital assets is difficult, here are some recommended practices to follow to keep your digital cash safe.
Given the popularity of cryptocurrencies and the growing adoption among a wide range of users, it will become progressively more complex and energy-intensive to track and trace crypto transactions. Hence it is essential for users, investors, and government agencies across the globe to adopt safe practices, use reliable crypto exchanges, and develop policies that create a safe DeFi ecosystem. To safeguard themselves from crypto attacks and hacks, users must educate themselves on how to safely participate in cryptocurrency exchanges before investing their money. Alternatively, there are numerous options in terms of exchanges and digital wallets where the customer can store their digital currency. Hence, an informed customer must weigh the advantages and disadvantages of each of these options and make an informed decision.
A good provider will often have features like multi-factor authentication, SSL/TLS encryption for facilitating and safeguarding crypto transactions. Therefore, before choosing a financial services provider, the users must read the privacy and security policies of the concerned institution. Additionally, companies should equip their users with adequate knowledge and tools to protect their data and money in a world full of digital frauds. The right company will maintain transparency with its customers and help them have a secure crypto banking experience.