Crypto Attacks

12944999676?profile=RESIZE_400xCrypto took a major hit last year with losses exceeding $5.6 billion, mainly driven by investment fraud, tech support scams, and social engineering via government impersonation.  Latest findings published by the FBI’s Internet Crime Complaint Center (IC3), the product of almost 70,000 reports, marks this 45% rise as a new record high for the industry.  The US alone accounts for $4.8 billion of these reported cases, followed by the Cayman Islands, Mexico, Canada, the UK, India, and Australia.

12944999099?profile=RESIZE_584x(Source: FBI)

The report laid out several fraud and scam trends, ranging from fake investment sites, pig butchering schemes linked to dating apps and professional networking platforms, and liquidity mining scams that offer high returns for staking assets.[1]  Another popular method saw criminals launching fake blockchain-based gaming apps to trick users into connecting their cryptocurrency wallets.  Scammers also showed no mercy in their tactics, reportedly targeting victims of previous frauds in secondary scams by offering fake cryptocurrency recovery services to charge upfront fees for retrieving stolen assets.

Cyber criminals continue their attacks on the cryptocurrency industry, taking advantage of its decentralized nature. With no central authority oversight in place, fraudulent transactions and illicit financial activities are very difficult to trace or reverse.  Cryptocurrency also offers anonymity and easy ways to obscure money trails, both attractive qualities sought out by online attackers and scammers.

The FBI’s findings is followed closely by reports of misconfigured, Internet-exposed Selenium Grid instances being targeted by malicious actors for illicit cryptocurrency mining and proxy-jacking.  Exploiting these public systems, threat actors leverage their victim’s Internet bandwidth to inject malicious scripts, drop cryptocurrency miners, and more.

This article is shared at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC).  For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com    

Weekly Cyber Intelligence Briefings:

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

https://register.gotowebinar.com/register/5378972949933166424

[1] https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-37-5/

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!