‘Less Sophisticated’ Malware Is Stealing Millions: Chainalysis

Chainalysis warns that even “low-skilled cybercriminals” are using malware to swipe funds from crypto holders.

Cryptojacking accounted for 73% of the total value received by malware-related addresses between 2017 and 2021, according to a new malware report from blockchain analytics firm Chainalysis.

Malware is used to carry out nefarious activity on a victim’s device, such as a smartphone or computer, after being downloaded without the victim’s knowledge. Crimes powered by malware can be anything from information theft to distributed denial-of-service (DDoS) attacks or large-scale advertising fraud.

The report excluded ransomware, which involves the initial use of hacking and malware to extort ransom payments from victims in exchange for stopping the attack. Chainalysis stated:

“While most tend to focus on high-profile ransomware attacks against large corporations and government agencies, cybercriminals are using less sophisticated types of malware to steal millions in cryptocurrency from individual holders.”

Chainalysis’ January 19 report focuses on the different types of crypto malware, excluding ransomware, used over the past decade, such as information stealers, clippers, cryptojackers and trojans. It notes that they are often cheap to obtain and that even “low-skilled cybercriminals” can use them to extract funds from their victims.

Cryptojacking tops the list of value received through malware with 73%, followed by trojans with 19%. ‘Others’ total 5%, while information stealers and clippers make up only 1% each.

According to Chainalysis, malware addresses send “the majority of funds to addresses at centralized exchanges,” but the firm noted that this share is decreasing. In 2021, exchanges received only 54% of funds from those addresses, compared to 75% in 2020 and around 90% in 2019.

“DeFi protocols make up most of the difference at 20% in 2021, after receiving a negligible portion of the malware funds in 2020.”

The report looked at the prolific HackBoss clipper, which has stolen around $560,000 since 2012 by infecting users’ clipboards to steal and replace information. It also found that the information stealer “Cryptbot” was a significant source of illicit profit in 2021, generating $500,000 worth of Bitcoin (BTC) from around 2,000 transactions.

Cryptojacking

Cryptojacking malware uses victims’ computing power to mine various cryptocurrencies, with the asset of choice being “usually Monero,” though Zcash (ZEC) and Ethereum (ETH) are sometimes mined as well.

Chainalysis notes that the specific amount of coins generated using this method is difficult to determine because funds are transferred from mempools to unknown mining addresses, rather than from “victim wallets to new wallets” as in other cases.

While it is not possible to provide a monetary estimate of the harm caused by cryptojackers, Chainalysis estimates that this type of malware accounts for almost three-quarters of the total value generated by crypto malware.

The report cites a 2020 report from Cisco’s cloud security division stating that cryptojacking affected 69% of its customers, which in turn means “a huge amount of stolen computer power” is used to mine large amounts of cryptocurrency.

It also highlights a 2018 report from Palo Alto Networks that estimated that 5% of Monero’s circulating supply was mined by cryptojackers, worth around $100 million in illicit revenue.

Information stealers and clippers

Information stealers are used to swipe a victim’s crypto wallet credentials and account credentials, while clippers can be used to insert specific text into the victim’s clipboard.

Clipper malware is commonly used to hijack a victim’s outgoing transactions by inserting a cybercriminal’s wallet address when the victim tries to paste the address they are sending funds to.

The report notes that these two types of malware received a total of 5,974 transfers from victims in 2021, up from 5,449 the year before.
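The clipper behaviour described above leaves a recognisable trace: an address-shaped clipboard value is overwritten by a different address of the same asset moments after the user copied it. The following Python detection check is an added example, not code from the Chainalysis report; the event format, the two-second window and the sample values are assumptions constructed for illustration.

```python
import re

# Coarse address shapes for two assets named in the article; these spot
# address-like text only and do not verify checksums.
ADDRESS_SHAPES = {
    "BTC": re.compile(r"^(?:[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[02-9ac-hj-np-z]{11,71})$"),
    "ETH": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

def classify(text):
    """Return the asset whose address shape `text` matches, else None."""
    for asset, shape in ADDRESS_SHAPES.items():
        if shape.match(text.strip()):
            return asset
    return None

def find_substitutions(events, window=2.0):
    """Flag an address overwritten by a different address of the same asset
    within `window` seconds (assumed threshold; users rarely re-copy that fast)."""
    alerts, prev = [], None
    for ev in events:
        text, asset = ev["text"].strip(), classify(ev["text"])
        if (prev and asset == prev["asset"] and text != prev["text"]
                and ev["ts"] - prev["ts"] <= window):
            alerts.append({"ts": ev["ts"], "asset": asset,
                           "copied": prev["text"], "replaced_by": text})
        # Only address-shaped writes are tracked; anything else resets state.
        prev = {"asset": asset, "text": text, "ts": ev["ts"]} if asset else None
    return alerts

# Constructed clipboard-change events (timestamps in seconds). The values are
# shape-only placeholders, not real wallet addresses.
SAMPLE_EVENTS = [
    {"ts": 10.0, "text": "meeting notes"},
    {"ts": 20.0, "text": "0x" + "a" * 40},   # user copies a payee address
    {"ts": 20.3, "text": "0x" + "b" * 40},   # overwritten 0.3 s later
    {"ts": 60.0, "text": "1" + "A" * 33},    # user copies a BTC address
    {"ts": 95.0, "text": "1" + "B" * 33},    # a different one 35 s later
]

if __name__ == "__main__":
    for alert in find_substitutions(SAMPLE_EVENTS):
        print(alert)
```

Only the 0.3-second ETH overwrite is flagged; the second BTC copy 35 seconds later falls outside the window and is treated as ordinary user activity.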
