As cryptocurrencies and non-fungible tokens (NFTs) become more mainstream, cybercriminals are increasingly turning to them as a new method of financial extraction, security experts have warned.
Researchers have observed multiple objectives demonstrated by cybercriminals relating to digital tokens and finance such as traditional fraud leveraging business email compromise (BEC) to target individuals, as well as activity targeting decentralized finance (DeFi) organisations that facilitate cryptocurrency storage and transactions for possible follow-on activity.
Studies by Proofpoint have found that both of these threat types contributed to around $14 billion in cryptocurrency losses in 2021. In fact, BEC topped the list of types of attacks CISOs in the UAE expect to face in the coming months, with 35 per cent of CISOs being concerned about potential BEC attacks.
Sherrod DeGrippo, vice president of Threat Research and Detection at Proofpoint, explained that the financially motivated attacks targeting cryptocurrencies have largely coalesced under pre-existing attack patterns observed in the phishing landscape prior to the rise of blockchain-based currency.
“Common techniques observed when targeting cryptocurrency over email include credential harvesting, the use of basic malware stealers that target cryptocurrency credentials and cryptocurrency transfer solicitation like BEC,” she revealed. “These techniques are viable methods of capturing sensitive values which facilitate the transfer and spending of cryptocurrency.”
There are multiple DeFi applications and platforms – such as cryptocurrency exchanges – that people can use to manage their cryptocurrency, she added. “These platforms often require usernames and passwords, which are potential targets for financially motivated threat actors.
Despite public keys being safe to share, researchers are seeing actors solicit the transfer of cryptocurrency funds via BEC-type emails that include threat-actor-controlled public keys and cryptocurrency addresses. These email campaigns rely on social engineering to secure the transfer of funds from targeted victims.”
Users, she stressed, should be aware of common social engineering and exploitation mechanisms used by threat actors aiming to steal cryptocurrencies.
In 2022, Proofpoint has observed regular attempts to compromise users' cryptocurrency wallets using credential harvesting. This method often relies on the delivery of a URL within an email body or formatted object which redirects to a credential harvesting landing page. Notably, these landing pages have begun to solicit values utilised in the transfer and conversion of cryptocurrencies.
Proofpoint researchers have also observed multiple examples of phishing threat actors creating and deploying phishing kits to harvest both login credentials to cryptocurrency-related sites and cryptocurrency wallet credentials or passphrases. Phish kits give threat actors the ability to deploy an effective phishing page regardless of their skill level. They are pre-packaged sets of files that contain all the code, graphics, and configuration files to be deployed to make a credential capture web page.
DeGrippo explained that these are designed to be easy to deploy as well as reusable. They are usually sold as a zip file and ready to be unzipped and deployed without a lot of “behind the scenes” knowledge or technical skill.
She added that 2022 also saw an increase in BEC specifically for cryptos. Primarily, these requests are observed in the context of employee targeting, using impersonation as a deception, and often leveraging advance-fee fraud, extortion, payroll redirect, or invoicing as themes. The initial BEC email often contains the safe-for-public-consumption values, including public keys and cryptocurrency addresses.
“By impersonating an entity known to the user and listing an actor-controlled public key or address, actors are attempting to deceive users into transferring funds from their account willingly based on social-engineering content. This is like the way actors use routing and bank account numbers during BEC phishing campaigns,” DeGrippo said.
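For mail-filtering teams, the BEC pattern described above (a payment-themed message carrying a cryptocurrency address) can be turned into a simple triage check. The sketch below is an added example, not Proofpoint's detection logic: the function names, theme keywords and sample messages are constructed for illustration, and the sample address is the publicly known Bitcoin genesis-block address, used only because its checksum is valid.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Legacy Bitcoin (Base58Check) and Ethereum address shapes; bech32 (bc1...) is not covered.
BTC_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")
ETH_RE = re.compile(r"\b0x[0-9a-fA-F]{40}\b")
# Constructed keywords for the BEC themes the article names (assumption, tune per tenant).
THEMES = ("invoice", "payroll", "advance fee", "urgent")

def is_valid_btc_base58(addr):
    """True if addr decodes to 25 bytes whose last 4 bytes are the double-SHA256 checksum."""
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)
    pad = len(addr) - len(addr.lstrip("1"))  # each leading '1' encodes a zero byte
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:
        return False
    payload, checksum = raw[:-4], raw[-4:]
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4] == checksum

def crypto_bec_findings(subject, body):
    """Flag a message only when a plausible address and a payment theme co-occur."""
    text = f"{subject}\n{body}"
    # Checksum validation drops random Base58-looking strings (IDs, tokens).
    addresses = [a for a in BTC_RE.findall(text) if is_valid_btc_base58(a)]
    addresses += ETH_RE.findall(text)
    themes = [t for t in THEMES if t in text.lower()]
    return {"addresses": addresses, "themes": themes,
            "flag": bool(addresses and themes)}

# Constructed sample messages.
GENESIS = "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"
SUSPECT = ("Urgent: updated invoice payment details",
           f"Our bank account is under audit. Please settle in BTC to {GENESIS} today.")
TYPO = ("Invoice reminder",
        "Reference 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNb is attached.")  # bad checksum

if __name__ == "__main__":
    for subject, body in (SUSPECT, TYPO):
        print(subject, "->", crypto_bec_findings(subject, body))
```

A hit is a reason to route the message for review or to require out-of-band confirmation of the payment request, not proof of fraud, since legitimate senders also share addresses.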
rohma@khaleejtimes.com