Crypto-asset theft accounts for $1.1bn in losses this year
A cybersecurity company has reported that more than $1.1bn has been lost in the first six months of 2018 through cryptocurrency-related crimes.
In its July 2018 report, published on Friday, Carbon Black identified $1,148,763,000 in losses. The figure shows that crypto-related cybercrime is on the increase as a growing variety of cryptocurrency-targeting offerings become available on the dark web.
To put this figure in context, the latest full-year data available from the US FBI’s Internet Crime Center show that in the whole of 2016 victims reported a total of $1.3bn in losses from all cybercriminal activity.
Of the attacks identified by Carbon Black, 27% targeted cryptocurrency exchanges, while 21% of attacks were on businesses. The next largest group was individual user wallets, accounting for 14% of attacks.
And while bitcoin remained the lead currency, not only in terms of market capitalisation but also in terms of legitimate cyber transactions, criminals found it a much less profitable source for attack. Monero proved to be most popular, accounting for around 44% of all attacks.
“Cybercriminals appear to prefer Monero due to privacy, non-traceability and comparatively low transaction fees,” the report said.
Dark web activity
The report also found a growing number of malicious software (malware) offerings on the dark web – an area of the internet not indexed by search engines and that usually requires specific software and authorisation to access.
Carbon Black’s research unveiled an estimated 12,000 dark web marketplaces selling around 34,000 cryptocurrency-related malware offerings. The company calculated that these offerings represent a $6.7m annual illicit economy built from crypto-related malware development and sales.
Given the growth in the cryptocurrency market, cybercriminals will continue to exploit this ever-increasing attack surface and inexperienced investors eagerly climbing aboard the crypto bandwagon will exacerbate the opportunity for such exploitation, the report warns.
“Our analysis of the marketplace suggest cryptocurrency-related malware listings are designed to cater to unskilled cyber actors, or those looking to make a quick buck from highly-vulnerable victims.”
In response to the threat, Carbon Black suggested a few simple measures to reduce the threat:
- Use an ad-blocker on all endpoints to browse the internet
- Choose your exchange carefully: conduct thorough research to select a trustworthy trading venue
- Sore all cryptocurrency in an offline wallet and have a backup: never store in an online (hot) wallet
- Don’t fall victim to phishing or fraudulent websites – look out for the giveaways: poor spelling, offers that are too good to be true, persistent emails etc.