- Hackers have started to incorporate cryptocurrency into spear phishing, impersonation, and business e-mail compromise attacks.
- The price of bitcoin increased by almost 400 per cent between October 2020 and April 2021.
- In the past, attackers impersonated financial institutions targeting your banking credentials, today they are using the same tactics to steal valuable bitcoin.
Cybercriminals are taking advantage of the opportunities as the price of bitcoin rises and public interest in cryptocurrency grows in a bid to trick potential victims and increase the profits they can make from their attacks.
According to Barracuda Networks, phishing impersonations and business email compromise attacks designed to steal victims’ bitcoin surged by 192 per cent between October 2020 and May 2021.
The price of bitcoin increased by almost 400 per cent between October 2020 and April 2021.
Bitcoin-themed cyberattacks have typically been used in extortion and ransomware attacks in the past, but hackers have now started to incorporate cryptocurrency into spear phishing, impersonation, and business e-mail compromise attacks, the analysis revealed.
Moreover, cryptocurrency payments are decentralised and unregulated, giving cybercriminals the means to extort victims’ bitcoin whilst remaining completely anonymous.
“Accelerating interest and demand for bitcoin has provided cybercriminals with a payments method which is virtually untraceable, enabling a multi-billion pound economy of ransomware, cyber-extortion and impersonation attacks, primarily targeting individual investors and private companies,” Fleming Shi, CTO for Barracuda Networks, said.
Barracuda researchers observed and intercepted multiple attack campaigns which saw hackers impersonate digital wallets and other cryptocurrency-related apps with fraudulent security alerts to steal log-in credentials. In the past, attackers impersonated financial institutions targeting your banking credentials, today they are using the same tactics to steal valuable bitcoin.
Moreover, Barracuda identified the most commonly used key phrases in bitcoin-inspired email attacks – typically, cybercriminals will create a sense of urgency, with the phrases ‘urgently today’, ‘day runs’ and ‘nearest bitcoin machine’ coming out on top, followed by terms that play on victims’ sentiment, such as ‘charity donation’.
As the price of bitcoin climbed, Shi said that cybercriminals started to come up with more sophisticated schemes to cash in on bitcoin-mania.
“In the past, attackers impersonated financial institutions targeting your banking credentials. Today they are using the same tactics to steal valuable bitcoins,” he said.
Need to maintain blanket security
So, he said that it’s more important than ever for organisations, workers, and investors to keep their data and financial assets completely secure and continue to train users and employees to recognise the latest tactics used by hackers is imperative to maintaining blanket security for any given organisation.
He urged all businesses and potential victims to back up their data with a third-party cloud-based data backup solution to prevent data loss, reduce downtime in the event of a cyberattack, and insure themselves against surging ransomware threat levels.
Similar to typical business e-mail compromise attacks, he said that cybercriminals will create a sense of urgency by using phrases like “urgent today” or before the “day runs” out.
“Their call to action is typically for their victim to go to the “nearest bitcoin machine.” They also play on their victims’ sentiments to request that a payment be made as a “charity donation,” making their victims believe they are doing a good thing,” Shi said.
Cryptocurrency has fueled and enabled a multibillion economy of ransomware, cyber-extortion, and impersonation. These attacks are targeting not just private businesses, but also critical infrastructure, so they increasingly pose a national security risk.
After successful attacks on Colonial Pipeline and JBS – in both cases organisations paid out ransoms — hackers will attempt to target other critical industries such as energy or water.
“These high-profile attacks are likely to bring greater interest in the regulation of bitcoin, though, making it harder for criminals to hide. As bitcoin becomes more mainstream, its value will continue to grow but so will government intervention and regulations,” Shi said.
How to protect against threats:
Protect your users from phishing attacks. We’ve seen this time and time again — hackers use current events in their attacks. Where they used to ask for wire transfers and gift cards, now they are looking for their victims to buy and send them bitcoin. Organizations need to stay on top of the latest trends in email attacks to protect their users.
Train users on the latest email threats. Continue to train your users to recognize the latest tactics used by hackers. Make phishing simulation part of your security awareness training to ensure that end users can identify and avoid these attacks.
Secure your web applications. Online applications like file-sharing services, web forms, and e-commerce sites can be compromised by attackers and used to introduce ransomware. Organisations should look for a WAF-as-a-service or WAAP solution that includes bot mitigation, DDoS protection, API security, and credential stuffing protection — and make sure it is properly configured.
Back up your data. In the event of a ransomware attack, a cloud backup solution can minimise downtime, prevent data loss, and get your systems restored quickly, whether your files are located on physical devices, in virtual environments, or the public cloud.
Don’t pay the ransom. When faced with a ransomware attack, a lot of organisations and consumers don’t know what to do other than to pay the ransom. This feeds the appetites of cybercriminals, encouraging them to attack more and ask for even bigger ransoms. If it can be avoided, don’t pay up, and work with law enforcement agencies to get a resolution.