Rise in Phishing Attacks Targeting Cryptocurrency Buyers

With the price of Bitcoin on the rise, cybercriminals are targeting these users for their own financial gain. According to a study by Barracuda, the price of Bitcoin increased by 400% between October 2020 and May 2021 while the rise of cyberattacks grew by 192% in the same period. These attackers are using cryptocurrency to carry out spear-phishing attacks, business email compromise(BEC) attacks, and ransomware attacks.

As of late, many businesses are starting to shift into the world of cryptocurrency and beginning to accept it as a form of payment. This is where the attackers are shifting their attention. Due to the increase in value of Bitcoin and other cryptocurrencies, attackers are seeing this as a viable extortion opportunity as there are fewer regulations surrounding cryptocurrency, therefore, making it harder to trace back to the user. We saw this happen as recently as a few months ago with the Colonial Pipeline attack where they had to spend millions of dollars worth of Bitcoin due to a ransomware attack that compromised the functioning of their pipelines.

Barracuda mentions that these attackers are using malicious tactics such as sending fake emails notifying users of a “security breach” to obtain their Bitcoin login credentials, creating fake charities to persuade victims to purchase or donate Bitcoin, and targeting employees with personalized emails. Chainalysis lists third-party providers that can be used to carry out attacks through penetration testing services(used to probe for potential weaknesses), exploit sellers(the selling of access to certain vulnerabilities), and bulletproof hosting providers(allows users to host any website and complete purchases anonymously). Hackers are also using Bitcoin to get paid in extortion and ransomware attacks where they target victims claiming to have obtained compromising videos or photos of them and then threatening to release them if they do not pay the ransom in Bitcoin. This tactic has been around for a while but the use of Bitcoin has increased their monetary gain in these schemes. According to Chainalysis, there was about 5 billion dollars worth of cryptocurrency used in illicit activities in 2020 with 350 million dollars being obtained specifically from ransomware attacks. This was a 311% increase in cryptocurrency-related ransomware attacks compared to 2019. No other category rose as dramatically in 2020, which may have been caused by the massive influx of people working from home due to the Covid-19 pandemic which caused major vulnerabilities for many organizations.

The future of cryptocurrency will change as cybercriminals are using this digital currency to their advantage. With the recent successful attacks on the Colonial Pipeline and JBS, Barracuda mentions, it is clear these criminals are aiming for large targets. They will most likely attempt to hit other critical industries such as water or energy. Chainalysis notes that ransomware is incredibly destructive as it has the potential to cripple local governments and businesses for weeks with there being 62 attacks on healthcare-related facilities in 2020. Some experts have estimated as much as 20 billion dollars in economic losses due to these attacks in 2020. As these attacks increase in frequency and with the use of cryptocurrency for ransom payments, the government will most likely have to get involved in the regulation of this digital currency.

Here are some helpful tips to protect yourself against cryptocurrency-related threats according to Barracuda and SIW:

1. Invest in 24/7 monitoring
   1. Holidays and early morning hours are the popular times for cybercriminals to attack so it would be best to invest in a SOC(security operations center) or work with a partner that has one
2. Endpoint Detection and Response Solution
   1. With so many individuals still working from home, having an EDR can be helpful as they use behavior-based algorithms to detect ransomware. The IT team can then work on remediation once there is a detection.
3. Incorporate phishing training into your organization and stay on top of the latest email attacks
   1. Companies can benefit from training their employees on phishing and the proper things to look out for to establish whether the email is safe or not, such as checking for spelling errors, checking the senders’ email address, etc.
4. Make sure your web applications are secure
   1. Online applications can be used for ransomware attacks so it is best for organizations to invest in API Security and software that protects against DDoS attacks and bot mitigation.
5. Back up your data
   1. If a ransomware attack were to happen, having your data backed up can help to prevent losing recent files/data and aid in getting your system restored faster. This can be backed up on the cloud or a physical device, either way, it helps!

With these cybercriminals becoming more intelligent with their attacks every day, we need to try to stay one step ahead and protect our employees and our companies. Together we can use these precautionary measures in an attempt to stay safe and secure!