The cybersecurity arm of BlackBerry, a former titan in the smartphone industry, has pinpointed some of the most infamous malware families targeting cryptocurrencies.
In its ‘Global Threat Intelligence Report’ released on Thursday, BlackBerry said it thwarted over 1.5 million cyberattacks between March and May, primarily impacting the finance, healthcare, and government sectors.
The report pointed out, “Throughout this reporting period, BlackBerry telemetry has noticed a consistent trend in the utilization of commodity malware like RedLine, which can extract information such as stored credentials, credit card data, and cryptocurrency.”
Malware families such as SmokeLoader, RaccoonStealer, and Vidar have been specifically engineered to commandeer computers for crypto mining or theft.
For example, SmokeLoader, a malicious financial tool, was primarily exploited by Russia-based cybercriminals to load a variety of malware, including cryptocurrency miners. RaccoonStealer is another type of malware that “collects browser cookies, passwords, auto-fill web browser data, and cryptocurrency wallet information.” This malware is allegedly being traded on the dark web.
Vidar, predominantly targeting the Linux operating system, extracts data from cryptocurrency wallets and exchanges. To defend against hackers aiming to exploit the Linux OS for cryptocurrency mining, BlackBerry has advised various organizations to apply security patches frequently.
“Vidar pilfers banking information, browser credentials, and cryptocurrency wallets, as well as standard files,” the company noted.
Attackers seemingly deployed the Prometei botnet, which has been operational since at least 2020, to Linux-based servers to mine cryptocurrencies like Monero. Due to Prometei’s advanced features that utilize various internet domains, this tool proved particularly challenging to detect and halt.
Cybersecurity in the Cryptocurrency Space
A recent study by cybersecurity company SonicWall revealed that incidents of cryptojacking soared by 399% year-on-year by the end of June. The report attributed the rise in cryptojacking to regions grappling with sanctions and mining prohibitions.
Statista predicts that the cybersecurity market will expand to $162.00 billion by 2023. As cryptocurrencies continue to develop, hackers are increasingly targeting exchanges, cryptocurrency platforms, and wallets.
The most recent attack transpired on July 22, affecting the crypto exchange CoinsPaid. North Korean hackers from the notorious Lazarus Group are suspected of executing a $37 million attack on the crypto payment system.
The assault depleted the company’s own reserves without impacting customer deposits, according to CoinsPaid at the time.