From the cybersecurity wing of the erstwhile smartphone titan, Blackberry, emerges an arresting account of deceitful malware groups that have fixed their gaze firmly on cryptocurrencies. The ‘Global Threat Intelligence Report’ unveiled by Blackberry revealed how within a brief span from March to May, over 1.5 million cyberattacks were ardently halted. These were perilous pounces majorly affecting sectors like finance, healthcare, and the government.
The investigative report outlines the unabating trend, during the said period, wherein conventional malware like RedLine came into play, intent upon scalping information that included sensitive nuggets such as credentials that had been stored, credit card specifics, and cryptocurrency data.
Malware groups like SmokeLoader, RaccoonStealer and Vidar were explicitly shaped to illicitly seize control of computers earmarked for crypto mining or theft. SmokeLoader signifies a troubling example – a fraudulent financial instrument mainly wielded by mischievous elements rooted in Russia, for the purpose of unloading an assortment of malware, crypto miners included.
RaccoonStealer is another such predator lurking in the dark recesses of the web, all set to graze on coveted data from web browsers, passwords and precious cryptocurrency wallet details. Vidar, the third in this nefarious company, is typically targeted at the Linux operating system, aiming to garner details from crypto wallets and exchanges.
Blackberry, consequently, advised numerous organizations to unflinchingly execute security patches in order to guard against hackers brazenly trying to exploit Linux OS for crypto mining.
These underhanded elements have been known to employ the Prometei botnet, active since 2020, on Linux-based servers to mine promising cryptocurrencies like Monero. Detecting and stopping the potent tool has proven to be a daunting task, owing to the advanced features of Prometei which utilizes different internet domains to camouflage its operations.
Cybersecurity company SonicWall shed light on the shocking surge in cryptojacking incidents – a staggering 399% rise year on year by end June – attributing the spike to regions shackled by sanctions and mining bans.
Crypto exchanges and platforms and wallets are grappling with relentless attacks by hackers as cryptocurrencies continue to evolve. CoinsPaid, a crypto exchange, was recently at the receiving end of a colossal $37 million worth attack. The company’s reserves were systematically drained off, even as it assured that the balances held by customers remained unaffected. The notorious Lazarus Group, affiliated with North Korea, is the suspected perpetrator in this case.
Source: Cryptonews