Malware and exploits are a real, maturing industry; the times are long gone when you had to be a literal high-tech lowlife in order to hack someone.
As we reported back in 2018, you can get Malware-as-a-Service for a measly 20 bucks if you’re OK with trying your luck with something generic in hopes there is still some low-hanging fruit left.
It’s going to be more expensive than that if you’re targeting a particular segment of the internet, especially if your target is more technically skilled than an average 70-year-old, but then these targets usually yield more when the attack succeeds. In the end, the investment may pay off.
This scenario is probably what we have been seeing in 2019 in the crypto space: cryptocurrency-related crime and the targeting of crypto traders grew, especially in the second half of 2019.
That means it’s probably making good money.
Crypto-targeted threats: What are the dangers in 2020?
Because individuals involved in crypto are high-value targets, attackers have started milking as much as they can out of every successful hack.
If you become a victim, your machine will most likely get exploited in multiple different ways.
- Typically your device will be searched for competing malware or hidden mining software, which will be either wiped out or redirected to the latest attacker who gained access to your stuff.
- You will be scanned for cryptocurrency wallet files - bitcoin wallets, altcoin wallets, multicoin wallets. Don’t think that using a little-known wallet will protect you.
- Next, your device will be searched for anything related to cryptocurrency exchanges and crypto trading platforms: any stored access credentials, 2FA backup codes, keys.
- You will possibly get a keylogger or similar to learn your access credentials to wallet software, exchanges and also to your email - a hacked mailbox is valuable. Even if it’s not possible to restore passwords through it, it can be at least used to send off spam campaigns from a “legitimate” email account.
- Last but not least, if your infected phone or laptop is not a model from the year 1960, it will probably have some spare capacity for illicit Monero mining.
Crypto malware in 2020: Distribution
How are you most likely to get exploited?
Clicking on an email or social media link you did not expect
An IRS or similar official-looking file in an e-mail attachment is an old classic, but remember it might be coming from the email of someone you know if they got exploited.
Fake “Action required”
It could be the web wallet from blockchain.com, other hosted wallets or even trading platform accounts. If your e-mail got exposed in relation to some leaked data, as probably happened to most of you in the 2019 BitMEX mass email fuckup, sooner or later you will get phishing emails prompting you to reset passwords or similar.
Some of these are very good - the email design will be an exact copy of what you’d get from the real site, and so will the imposter landing page you end up at. Some attackers even create fake companies to buy SSL certificates for their imposter sites.
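An added example, not part of the original article: a valid certificate and a pixel-perfect design say nothing about who runs a site, so the hostname in the link is the thing to check. The Python below classifies a link's host against a list of sites you actually use; the list contents, the function names and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: registrable domains of the services this user really has accounts on.
KNOWN_GOOD = {"blockchain.com", "bitmex.com"}


def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def classify_link(url):
    """Return 'expected', 'lookalike' or 'unknown' for the host a link points to."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    # Only the exact domain or a genuine subdomain of it counts as expected.
    for good in KNOWN_GOOD:
        if host == good or host.endswith("." + good):
            return "expected"
    netloc = parts.netloc.lower()            # still includes any user@ prefix
    last_two = ".".join(host.split(".")[-2:])
    for good in KNOWN_GOOD:
        brand = good.split(".")[0]
        # Brand name used as decoration: extra labels, hyphenated names, user@ prefix.
        if brand in netloc:
            return "lookalike"
        # Near-miss spelling of the real domain.
        if edit_distance(last_two, good) <= 2:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample links, as they might appear in a password-reset email.
    for link in ["https://login.blockchain.com/reset",
                 "https://blockchain.com.account-verify.example/reset",
                 "https://blokchain.com/",
                 "https://blockchain.com@phish.example/reset",
                 "https://example.org/"]:
        print(classify_link(link), link)
```

Note that every one of these hosts could present a valid certificate; only the comparison against the known-good list separates them.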
Infected trading software and trading apps
This is the most recent way of targeting crypto traders who use a Mac, once the platform without viruses. (Yeah, those days are long gone too.)
The malware was hidden inside an innocent-sounding CrashReporter executable in a clone of a real Mac app for trading on multiple platforms from a single place, a popular feature that active traders and arbers always search for.
From sentinelone.com – A fake company website offering “Advanced trading functions for cryptocurrency traders that includes: technical and fundamental analysis, automated trading and many other innovative features” was used to lure victims to a Github repo containing malware hidden inside an otherwise functional application.
Note that the app was distributed via GitHub, not via some obscure website you never heard of.
How to protect your crypto
You might feel threatened by hardware wallet vulnerabilities that are technically complex and expensive to pull off, yet meanwhile it’s getting dangerous out there.
Potential dangers come from downloading any new crypto wallet, trading application or anything that could be of interest to crypto traders - including memes, which can carry a steganographic payload.
It is always safer to have a tiered device system for crypto, including a burner device that you use as a dumpster for every activity that is potentially dangerous.