Cyberattacks continue to terrorize the crypto space and there is no guarantee that the platform you are a customer of is completely secure. Data platform Chainalysis has warned that even “low-skilled cybercriminals” are using malware to withdraw crypto funds from hodlers.
Even simple software is dangerous
According to a new malware report from blockchain data analytics firm, Chainalysis, the cryptojacking accounted for 73% of the total value received by malware-related addresses between 2017 and 2021,
Malware is used to perform harmful activities on a victim’s device, such as a smartphone or PC, after being downloaded without the victim’s knowledge. Malware-fueled crime can range from information theft to denial-of-service (DDoS) attacks to large-scale ad fraud.
The report did not take into account the ransomwares, which involve the use of hacks and malware to leverage ransom payments from victims who are obviously keen to stop the attacks.
Chainalysis a Explain :
“While most tend to focus too much on attacking ransomware large-scale against large corporations and government agencies, cybercriminals use less sophisticated types of malware to steal millions of cryptocurrencies from individual holders. “
The January 19 report provided by Chainalysis focuses on different types of crypto malware, excluding ransomwares, used over the past decade, such as information thieves, shearers, cryptojackers and “Trojan horses”. According to the data in the report, the aforementioned software is generally inexpensive to acquire and even the “unskilled cybercriminals” can use them to empty the wallets of their victims.
the cryptojacking ranks first in rating in terms of value received via malware with the index at 73%, ‘Trojans’ rank second, scoring 19% and ‘others’ total 5% of stolen value while information thieves and shearers represent only 1% each.
According to Chainalysis, malware addresses send the “majority of funds to addresses registered on centralized exchanges”. However, it should be noted that this figure is decreasing. In 2021, exchanges only received 54% of funds stolen from these addresses, compared to 75% in 2020 and around 90% in 2019.
The report performed the in-depth examination of the prolific Hackboss Mower, infecting users’ wallets in order to replace information, through which hackers managed to steal approximately $560,000 since 2012. It also found that theinfostealer “Cryptobot” was a major source of earnings for attackers in 2021, which generated over $500,000 in bitcoins from over 2,000 transactions.
Malware from cryptojacking use the victim’s computing power to mine various cryptocurrencies. The most common target asset is Monero, but Zcash (ZEC) and ether (ETH) are sometimes also mined.
Chainalysis notes that it is difficult to determine a specific amount generated by this method, as funds are transferred from mempools to addresses of mining unknown.
Although unable to provide an estimated monetary figure on the damage caused by the cryptojackers, Chainalysis projects that this type of malware represents almost three quarters of the total value generated by crypto malware.
The report pointed out that a 2020 report from Cisco’s security division indicated that the cryptojacking affected 69% of its customers, which turns out to be a “incredible amount of stolen computing power” used to mine large amounts of cryptocurrency.
Chainalysis data also highlighted a 2018 report by Palo Alto Networks that estimated that 5% of Monero’s circulating coins had been mined by cryptojackers, or approximately $100 million in revenue.
Information thieves and mowers
Information thieves are used to remove the victim’s crypto wallet information along with account credentials, while clippers can be used to insert specific text into the victim’s wallet.
The latter are often used to hijack the victim’s outgoing transactions by inserting the cybercriminal’s wallet address when victims attempt to paste a necessary send-from address.
The report also reveals that these two types of malware stole a total of 5,974 victim transfers in 2021, compared to 5,449 the previous year.
Hacking remains a significant barrier to even greater cryptocurrency adoption due to mistrust from TradFi supporters or simply those who have never dabbled in the cryptosphere. So that the sensitization crypto to be successful, decentralized finance companies have to put a lot of effort into security users.
Source : Cointelegraph
Receive a digest of news in the world of cryptocurrencies by subscribing to our new service of newsletter daily and weekly so you don’t miss any of the essential 247 News Bulletin!