Due to the surge in low-cost, easy-to-use malware, cyber thieves may now steal cryptocurrency more easily than before.
Whether stealing it be straight from cryptocurrency exchanges or demanding it as an extortion payment in ransomware attacks, Bitcoin has consistently been a favoured target for sophisticated cybercriminals.
However, because of its rising value, cryptocurrency has swiftly become a target for cyber thieves, who are increasingly undertaking attacks aimed at stealing cryptocurrency from individual users' wallets. According to Chainalysis, cryptocurrency users are more vulnerable to malware such as information stealers, clippers (which allow attackers to alter text copied by the user, routing cryptocurrency to their own wallets), and trojans, all of which can be purchased for "quite cheap."
On Russian cybercrime forums, for example, a type of info-stealer virus known as Redline is marketed for $150 for a month's subscription or $800 for a 'lifetime' membership. Unfortunately, for a cybercriminal aiming to steal cryptocurrencies, it's quite likely that they'll recoup their investment in software within a few attacks.
The illegal service also gives users access to a tool that enables attackers to encrypt malware, making it harder for anti-virus software to identify it, boosting the chances of attacks successfully taking cryptocurrency from victims.
"The proliferation of cheap access to malware families like Redline means that even relatively low-skilled cybercriminals can use them to steal cryptocurrency," warned the report.
Overall, the malware families in the research got 5,974 transfers from victims in 2021, up from 5,449 in 2020 – but still far less than the 7,000 transfers seen in 2019.
However, Redline is only one kind of malware designed to steal cryptocurrency, and the market for this type of malware is rising. Crypobot, an infostealer, was the most common theft of cryptocurrency wallets and account credentials among the occurrences tracked, acquiring about half a million dollars in bitcoin in 2021.
Furthermore, progress in stealing cryptocurrency from consumers may encourage more ambitious cyber criminals to attack organisations and even cryptocurrency exchanges, implying that the possibility of cybercriminals attacking crypto wallets and credentials is something that businesses should be aware of.
The blog post stated, "The cybersecurity industry has been dealing with malware for years, but the usage of these malicious programs to steal cryptocurrency means cybersecurity teams need new tools in their toolbox."
"Likewise, cryptocurrency compliance teams already well-versed in blockchain analysis must educate themselves on malware in order to ensure these threat actors aren't taking advantage of their platforms to launder stolen cryptocurrency."
