Cryptocurrency hackers have recently devised sophisticated means to penetrate the industry. Reports reveal that malware now comes in the form of trojans and disguised installers.
Trojans and Installer Malware
According to The Next Web, studies by the Reporting and Analysis Center for Information Assurance (MELANI) in Switzerland show that Trojans now focus on digital currency exchanges. The report also showed that the most significant cyberattacks in Switzerland happened in the first half of 2018.
Monerominer, a virtual currency miner, ranks sixth among the most significant malware according to MELANI. The digital currency miner is notorious for downloading more malware and taking information in its stead. It also carries essential information and forcibly encrypts valuable contents of hard drives, then requests payment, mostly in cryptocurrency.
Another notorious malware plaguing the cryptocurrency space is the e-banking trojan Gozi. The malware targets digital currency exchanges by using false advertising to lure unsuspecting victims. The trojan is ninth on the list of Switzerland’s most notorious online threats.
Additionally, Dridex, also an e-banking trojan, joins the list of malware attacking virtual currency exchanges. The number of virtual currency exchange targets became prominent in 2018.
Apart from using Trojans, cryptocurrency hackers also disguise virtual currency mining malware as Windows installation packages. Reports from Trend Micro, a cybersecurity firm, reveal that hackers evade online security checks by using legitimate Windows installers.
The malware, known as Coinminer, comes as a Windows Installer MSI file which the victim installs. The disguised installer, however, has a script that bounces off any anti-malware running on the victim’s system and a real digital currency mining module.
Furthermore, the malware comes with a built-in self-destruct tool that clears its tracks and makes it impossible to trace its activities. However, the cybersecurity firm revealed that the notorious installer uses Cyrillic, which is common among virtual currency hackers.
Cybercriminals Posing a Continuous Threat to the Cryptocurrency Industry
Cryptojacking, malware, and ransomware are unpleasant terms that have plagued the virtual currency space with no signs of slowing down. Cryptocurrency hackers seem to devise more sophisticated means to penetrate vulnerable exchanges and computers.
Research earlier in the year revealed that almost 50,000 websites were running virtual currency mining malware. The study also stated that of the exact 48,953 affected sites, 7,368 were powered by WordPress.
Another cybersecurity firm also revealed that unsecured mobile apps were responsible for the rise in cryptojacking in the cryptocurrency industry. The firm named Coinhive as the leader in cryptojacking attacks.
In Q1 of 2018, tech giant, Tesla, became a victim of cryptojacking. The hackers gained the company’s computing power to mine for virtual currencies. Recently, cybersecurity experts detected a new virus known as BadRabbit, although experts claimed there was a means to stop the spread of the malware.