Cybercriminals Are Increasingly Targeting Cryptocurrency

As cryptocurrencies and non-fungible tokens (NFTs) become more mainstream, cybercriminals are increasingly turning to them as a new method of financial mining, security experts have warned.

Researchers have observed several objectives demonstrated by cybercriminals regarding digital tokens and finance, such as traditional fraud leveraging business email compromise (BEC) to target individuals, as well as activity targeting financial organizations. (DeFi) that facilitate cryptocurrency storage and transactions for possible tracking. on the activity.

Studies from Proofpoint found that these two types of threats contributed to approximately $14 billion in cryptocurrency losses in 2021. In fact, BEC tops the list of attack types faced by CISOs in the UAE. expect to face in the coming months, with 35% of CISOs are concerned about potential BEC attacks.


Sherrod DeGrippo, vice president of research and threat detection at Proofpoint, explained that financially motivated attacks targeting cryptocurrencies have largely coalesced under pre-existing attack patterns seen in the phishing landscape before the outbreak. rise of blockchain-based currency.

“Common techniques seen when targeting cryptocurrency via email include credential harvesting, the use of basic malware thieves that target cryptocurrency credentials, and the cryptocurrency transfer solicitation like BEC,” she revealed. “These techniques are viable methods of capturing sensitive value that facilitate the transfer and spending of cryptocurrency.”

There are several DeFi apps and platforms — such as cryptocurrency exchanges — that people can use to manage their cryptocurrency, she added. “These platforms often require usernames and passwords, which are potential targets for financially motivated threat actors.

Although public keys can be securely shared, researchers are seeing actors soliciting the transfer of cryptocurrency funds via BEC-style emails that include public keys controlled by threat actors and cryptocurrency addresses. change. These email campaigns rely on social engineering to secure the transfer of funds from the targeted victims.

Users, she pointed out, should be aware of common social engineering and exploitation mechanisms used by threat actors aiming to steal cryptocurrencies.

In 2022, Proofpoint observed regular attempts to compromise users’ cryptocurrency wallets using credential harvesting. This method often relies on delivering a URL in a formatted email body or subject line that redirects to a credential collection landing page. Notably, these landing pages have started soliciting values ​​used in the transfer and conversion of cryptocurrencies.

Proofpoint researchers have also observed several examples of phishing threat actors creating and deploying phishing kits to harvest both login credentials to cryptocurrency-related sites and credentials. or cryptocurrency wallet passphrases. Phishing kits allow hackers to deploy an effective phishing page, regardless of their skill level. These are pre-packaged filesets that contain all the code, graphics, and configuration files to deploy to create a credential capture web page.

DeGrippo explained that these are designed to be easy to deploy and reusable. They are usually sold as a zip file and ready to unzip and deploy without much “behind the scenes” knowledge or technical skills.

She added that 2022 also saw an increase in BEC specifically for cryptos. These demands are mostly seen in the context of employee targeting, using spoofing as deception and often leveraging advanced fee fraud, extortion, payroll redirection or invoicing as themes. . The initial BEC email often contains the safe values ​​for public consumption, including public keys and cryptocurrency addresses.

“By impersonating an entity known to the user and listing a public key or address controlled by the actor, actors attempt to trick users into voluntarily transferring funds from their account to the based on social engineering content. It’s like how actors use routing and bank account numbers in BEC phishing campaigns,” DeGrippo said.

Copyright © 2022 Khaleej Times. All rights reserved. Provided by SyndiGate Media Inc. (

We wish to say thanks to the writer of this short article for this awesome content

Cybercriminals Are Increasingly Targeting Cryptocurrency

Visit our social media accounts and other pages related to them