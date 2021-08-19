The more the value of Bitcoin grows, and consequently the public interest in cryptocurrencies increases, the more cybercriminals take advantage of the opportunities created to attract potential victims and generate illicit profits.

Analyzing the recent ones BEC attacks (Business Email Compromise) and impersonations launched between October 2020 and May 2021, the volume of attacks related to cryptocurrencies was found to closely follow the rise in the price of Bitcoin. Between October 2020 and April 2021, the price of Bitcoin grew by almost 400% and, over the same period, impersonation attacks increased by 192%.

Bitcoin Attack: The Threat

Cryptocurrencies are a type of currency that exists only in digital format. Thanks to the decentralized nature of cryptocurrencies and the absence of rules, they have become the preferred currencies for cybercriminals.

Traditionally they are used in ransomware attacks and extortion, but recently cybercriminals have started using them in other types of attacks as well, such as spear phishing, in addition to impersonation and the Business Email Compromise that we have already mentioned.

Until recently, it was not possible to use cryptocurrencies in the real world to pay for goods and services. Still, the fact that some companies have announced plans to accept Bitcoin payments has generated a lot of interest in cryptocurrencies by increasing their value.

Bitcoin scams: the risks of cryptocurrencies and security solutions

The details of the cryptocurrency attacks

Criminal hackers ask for a payment in Bitcoin in extortion, for example when they claim to be in possession of compromising videos or information that will be made public if the victim does not pay. This scheme is not new but as the value of Bitcoins increases, criminals have developed more sophisticated systems to take advantage of the situation.

In many cases, criminal hackers pretended to be digital wallets or other cryptocurrency-related apps, reporting fake security alerts to steal login credentials. Basically, the same tactic used in the past in phishing attacks when they pretended to be the victim’s bank to steal account access data.

Cybercriminals have also started using Bitcoin in Business Email Compromise attacks where they pretend to be employees of some organization. The emails are targeted and personalized in order to encourage victims to buy bitcoins, donate them to some fake charity or pay bills from a fake supplier with cryptocurrency (Images 3 and 4).

By analyzing the language used in this type of attack, it was possible to identify the key phrases and calls to action used to convince the victims. Similar to typical BEC attacks, cybercriminals tend to create a sense of urgency with phrases such as “reply now” before “deadlines run out.” The call to action typically tends to take victims to the closest Bitcoin machine. Hackers also play on people’s sensibilities by soliciting donations to charities.

Crypto scams on Discord and Telegram: what they are, how to recognize them and defend yourself

Cryptocurrencies and ransomware

Given the rapid growth in the perceived value of Bitcoins, ransomware attacks create more damage than ever. Cryptocurrencies appear to be the perfect currency for criminal activity – they are difficult to track, unregulated and increasingly expensive, all of which provide criminals with compelling reasons to use them.

Over the past year, digital transformation has accelerated sharply with most people forced to work remotely. As a result, much more data is created and stored in collaborative apps today, making much more information vulnerable to attack, making it an attractive target for cybercriminals.

Plus, you don’t need to be a tech genius to launch a ransomware attack. Ransomware-as-a-Service is rapidly spreading on the Dark Web, where anyone can hire a group of hackers to conduct an attack on their own. This makes ransomware much more accessible to cybercriminals, generating an increasing number of attacks.

The number of ransomware attacks has always grown from year to year and, at the same time, the sums required have grown. In 2019, ransom requests ranged from a few thousand to $ 2 million, but in the first six months of this year, most requests were in the millions of dollars, with a significant percentage over $ 20 million.

It’s hard to tell why requests have grown this way, but there are probably a couple of reasons that can help explain it. First, fewer and fewer companies are paying the ransom, preferring to take the risk. Secondly, payments are more traceable than in the past.

When it comes to millions of dollars, even the police are more motivated to track money, return it to victims, and sometimes arrest the perpetrators.

Colonial Pipeline, for example, it managed to recover a significant portion of the ransom. It is therefore natural that the ransom demands are higher, both to be convenient for cybercriminals and to “repay” the risk. Cybercriminals could always ask for the same bitcoin figures, but as the price of cryptocurrencies rises, the cost to victims may be unsustainable.

Bitcoin: are they really anonymous? This is what the Colonial Pipeline case demonstrates

The future of cryptocurrencies and cyber crime

Cryptocurrencies have made possible and fueled a multi-billion dollar economy of ransomware, cyber extortion and impersonation. These attacks are aimed not only at companies, but also at critical infrastructures, with serious risks to national security.

After the successful attacks on Colonial Pipeline e JBS – in both cases the organizations have paid the ransom – the criminal hackers will turn their attention to other critical sectors, such as energy and water supply.

These high-profile attacks will likely push governments to regulate Bitcoin, making life more difficult for cybercriminals. The more the popularity of bitcoins grows, the more their value will grow, but so will the interest of governments to intervene and regulate.

How to protect yourself from cryptocurrency threats

Protect yourself from physical attacks . We have now learned that cybercriminals use current events to value their attacks. While they used to ask for wire transfers and gift certificates, now they try to get victims to buy and sell bitcoins. Organizations need to be up-to-date on these new trends to protect their users.

. We have now learned that cybercriminals use current events to value their attacks. While they used to ask for wire transfers and gift certificates, now they try to get victims to buy and sell bitcoins. Organizations need to be up-to-date on these new trends to protect their users. Teach users to recognize new threats . It is essential to continue to train users so that they can recognize the tactics used by hackers. Phishing attack simulations should be an essential part of training programs to be reasonably sure that they know how to recognize and avoid them.

. It is essential to continue to train users so that they can recognize the tactics used by hackers. Phishing attack simulations should be an essential part of training programs to be reasonably sure that they know how to recognize and avoid them. Secure web applications . Online applications such as file sharing services, web forms and ecommerce sites can be compromised by attacks and used to introduce ransomware. You should consider WAF-as-a-Service or WAAP solutions that offer bot mitigation, DDoS protection, API security, and credential protection, making sure they are properly configured.

. Online applications such as file sharing services, web forms and ecommerce sites can be compromised by attacks and used to introduce ransomware. You should consider WAF-as-a-Service or WAAP solutions that offer bot mitigation, DDoS protection, API security, and credential protection, making sure they are properly configured. Data backup . In the event that a ransomware attack is successful, a cloud backup solution can help minimize downtime, prevent data loss, and quickly restore systems whether files are on local physical devices, in virtual environments or in the public cloud. .

. In the event that a ransomware attack is successful, a cloud backup solution can help minimize downtime, prevent data loss, and quickly restore systems whether files are on local physical devices, in virtual environments or in the public cloud. . Don’t pay the ransom. When they are victims of a ransomware attack, many organizations or ordinary citizens do not know if there are alternatives to paying the ransom. This is precisely what hackers are betting on, and they are encouraged to launch more and more attacks and ask for more and more money. Better, if possible, to involve the police forces to find a solution.

