articles

Crypto Industry Ripe for Fradusters, BlackBerry Stops 1.5 Million Attacks in 2 Months

BlackBerry found that threat actors are increasingly diversifying tooling to hijack devices to mine or steal crypto.

Blackberry has detected several malware families that are being used to run massive campaigns for stealing crypto from devices.

In the August edition of ‘The BlackBerry Global Threat Intelligence Report,’ the former titan of the smartphone industry found that finance, healthcare, and government are the top three industries with the highest distribution of cyberattacks.

Malware Everywhere

From March 2023 to May 2023, BlackBerry’s cybersecurity solutions managed to stop over 1.5 million attacks, during which it identified the crypto industry as being ripe for fraudsters who prey on unsuspecting victims. The attackers are expanding their range of tools to evade defensive controls, particularly targeting legacy solutions that rely on signatures and hashes.

BlackBerry’s telemetry has identified an ongoing trend in the usage of commodity malware like ‘RedLine,’ which is capable of extracting various sensitive information, including saved credentials, credit card details, and cryptocurrency data.

‘SmokeLoader’ is one of the most prominent malware families that has been a recurring presence in the threat landscape.

Since its first appearance in 2011, SmokeLoader has become immensely popular. Initially associated with Russian-based threat actors until 2014, it has been employed to distribute a variety of malware, ranging from ransomware and infostealers to crypto miners and banking Trojans.

Spam emails, weaponized documents, and spearphishing attacks are some of the ways SmokeLoader is distributed to the victims.

Once it infiltrates a victim’s system, SmokeLoader establishes a persistence mechanism to survive reboots, employs DLL injection to camouflage within legitimate processes, conducts host enumeration, and downloads/installs additional files or malware to further its malicious activities.

RaccoonStealer, categorized as an infostealer, is designed to acquire browser cookies, passwords, auto-fill web browser data, and cryptocurrency wallet information. This malware has gained notoriety for being offered as Malware-as-a-Service (MaaS) on dark web forums and similar platforms.

Targets

Linux operating systems are active targets for threat actors, aiming to exploit computer resources for cryptocurrency mining, mainly privacy-centric crypto-asset, Monero.

Meanwhile, macOS users are now facing a new threat in the form of an infostealer called Atomic macOS, which is specifically designed to collect credentials from keychains, browsers, cryptocurrency wallets, and other sensitive data on macOS-based devices.

BlackBerry revealed thwarting the highest number of attacks in the United States. During the reporting period, the company witnessed a notable surge in the Asia-Pacific (APAC) region, with South Korea and Japan was observed now ranking among its top three. Furthermore, New Zealand and Hong Kong have made significant progress, securing positions within the top 10 in terms of attack prevention.

Original source: https://cryptopotato.com/crypto-industry-ripe-for-fradusters-blackberry-stops-1-5-million-attacks-in-2-months-report/

ownuser
the authorownuser