The Bitcoin fever is a real magnet for thieves of all kinds who come up with a multitude of ways how to steal crypto. It turns out that Bitcoin stealers target not only big companies but individual users with modest amounts in their crypto wallets as well. Chainalysis has recently revealed that $14 billion of crypto assets have been stolen in 2021, which is an increase of 79% compared to the previous year. You need to have a better idea of how to protect crypto these days. We will keep you aware of cyber threats that might be lurking around the corner.
Nobody can tell you the exact figures, but cryptojacking might be the most popular scheme of stealing crypto. According to the confession from Cisco, a multinational tech juggernaut, about 70% of their cloud security clients suffered from this type of malware in 2020.
How to steal crypto using this malware? The criminals focus their efforts on stealing computing power for mining crypto. Cryptojackers can stealthily use someone else’s computer or server resources over long periods of time without anyone suspecting something is amiss.
At least 5% of all Monero (XMR) has been mined this way by 2018, according to a report from Palo Alto Networks. Except for this coin, cryptojackers can mine Ethereum, Dogecoin, ZCash, Ravencoin, etc. Bitcoin stealers don’t use cryptojacking malware because it takes special equipment to mine BTC rather than personal computers.
This type of malware allows bad actors to collect credentials (such as crypto wallet details) that have been stored on their web browser. Most info stealers cost around $100-$300 and can be used even by amateurs. As a rule, they use the Malware-as-a-Service business model and have their own C2 infrastructure, a web panel, and cryptos whose purpose is encrypting the file with malware to escape the basic security layers. The data obtained using such software is usually sold on darknet forums or Telegram channels to Bitcoin stealers.
A popular info stealer is еру so-called cryware which allows its users to grab and exfiltrate information from hot wallets as they provide easier access to crypto keys for making transactions.
Bitcoin stealers can resort to a variety of social engineering techniques to weave webs of lies, leveraging common patterns of human behavior and emotional reactions in certain life scenarios. They can send malicious links via email, pose as government agency officials, send the potential victim to fake websites, and even trick crypto owners into giving away their wallet recovery codes.
One of the most vivid examples of social engineering is the Ponzi scheme. With so many scandals and revelations associated with similar scams, it should have been long forgotten and buried, but no, it’s still evergreen. A recent story: PlusToken, an Asian crypto wallet service that encouraged over 3 million people to purchase the fake company’s token using BTC or ETH.
Reading about multiple social engineering scams can massage your brain into mush. You can’t get prepared for all of them, but you need to know how to protect crypto from fraudsters of this kind. Just a few rules to follow:
Keeping your crypto in cold wallets would be a good idea – they are less likely to be compromised than hot wallets. However, it might be not enough for certain types of threats. To avoid becoming a juicy target for Bitcoin stealers, take advantage of the HackenAI digital wallet.
Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email.