As reported by multiple sources, the latest cryptocurrency theft by the leading North Korean hacking group, Lazarus, was worth over half a billion. There have been numerous claims that the group was funded by North Korea, causing chaos in the crypto world.
Reports suggest that Lazarus has been involved in approximately 14 hacks since the beginning of 2017. In total, thefts from online exchanges have risen to $882 million; the famous North Korean group Lazarus has been the most successful, with an estimated $571 million stolen.
Following the 2017 hacks of online exchanges, Dmitry Volkov, Chief Technology Officer and Head of Threat Intelligence at Group-IB, urged various institutions to ensure that the crypto industry takes steps against the hacks damaging online exchanges. Volkov warned that these recent events indicate more fraudulent activity will follow in 2018, as the crypto industry is in no state to defend itself. Dmitry Volkov states:
“Increased fraudulent activity and attention of hacker groups to the crypto industry, additional functionality of malicious software related to cryptocurrencies, as well as the significant amounts of already stolen funds signal that the industry is not ready to defend itself and protect its users. In 2018 we will see even more incidents. The dark side of the crypto industry requires a response from the community, including researchers, scholars and the academia.”
A summary provided by the leading security provider Group-IB sheds light on the methods the hacking group used to carry out these attacks. Spear phishing, social engineering and malware were the tools most often used in the fraudulent activities.
The report states that spear phishing is the primary method of attack hackers use against enterprise networks, adding:
“After the local network is successfully compromised, the hackers browse the local network to find workstations and servers used for working with private cryptocurrency wallets.”
As mentioned earlier, various sources claim that more attacks are expected, especially from groups that attack banks, which may well turn to the cryptocurrency world now that they know how vulnerable the crypto industry is.
Most attacks have also been recorded as occurring when hackers capitalize on the “crypto fever” among investors. Investors are so keen to invest before everyone else that they fail to realize this can give rise to such damaging cyber attacks. As a result, known hacking groups are able to steal over $1 million per month.
The loopholes in the crypto industry have made hackers more innovative and given them the upper hand over investors: confidential financial information is stolen from investors’ databases and sold on the dark web or, worse, used to blackmail the investors.
Reports suggest that ICOs, where projects look for funding from investors, remain most at risk of attack by cyber-criminals. These attacks have grown by 51% and will continue to increase owing to hackers’ growing awareness in recent times.
Fraudulent phishing schemes involving crypto brands will only get more complex, as will cybercriminals’ level of preparation for phishing attacks. Automated phishing and the use of so-called ‘phishing kits’ will become more widespread, including in attacks on ICOs.
Phishing has become a notable source of income for hackers and gives them an easy way to attack cryptocurrency users directly: they pretend to be a known personality and extract sensitive information by means such as text messages, emails or mobile apps.
Experts have called phishing the most dangerous attack in the world of cryptocurrency, and it continues to grow, to the extent that many believe Bitcoin was especially designed for the purpose of stealing, so steps must be taken for advanced protection. Earlier this year, Mark Risher, Director of Product Management at Google and account security leader of the phishing and identity services team, addressed the same issue:
“Online security breaches happen; they are a fact of life, but we’ve found phishing to be far more dangerous. We are seeing an increasing volume in scams related to crypto-currencies. Bitcoin feels as though it was tailor-made for phishing attacks. It is completely virtual, and tied to various online accounts. It is irrevocable, is not backed by governments or supported by insurance. We’ve found that within 24 hours of someone uploading their resume online to say they work for a cryptocurrency, or someone on social media putting pro-cryptocurrency messages, they are getting more attacks from cyber criminals. It is scary, and something we are taking seriously to offer dynamic levels of protection.”
Furthermore, North Korea is considered a dominant force in the crypto world and has allegedly hired hacking experts and groups to launder cryptocurrencies through various online exchanges and wallets. Similarly, there are claims that North Korea sponsored the hacking group Lazarus to steal $571 million.