Phishing impersonations and business email compromise (BEC) attacks designed to steal victims’ bitcoin surged by 192% between October 2020 and May 2021, closely following the rising demand and increasing price of bitcoin over the last eight months, according to analysis by Barracuda Networks.
Bitcoin themed cyber attacks have typically been used in extortion and ransomware attacks in the past, but hackers have now started to incorporate cryptocurrency into spear phishing, impersonation, and BEC attacks, the analysis revealed.
Hackers impersonating digital wallets
The research shows that this is because of rising demand, increasing price valuations and more holders of the cryptocurrency than ever before. What’s more, cryptocurrency payments are decentralised and unregulated, giving cyber criminals the means to extort victims’ bitcoin whilst remaining completely anonymous.
Researchers observed and intercepted multiple attack campaigns which saw hackers impersonate digital wallets and other cryptocurrency related apps with fraudulent security alerts to steal log-in credentials. In the past, attackers impersonated financial institutions targeting your banking credentials, today they are using the same tactics to steal valuable bitcoin.
Aanalysis also observed that cybercriminals have included bitcoin as part of their BEC attacks impersonating employees within an organization. They target and personalise these emails to get their victims to purchase bitcoin, donate them to fake charities or even pay a fake vendor invoice using crypto currency.
Most commonly used key phrases in bitcoin cyber attacks
Additionally, the most commonly used key phrases in bitcoin-inspired email attacks were identified – typically, cybercriminals will create a sense of urgency, with the phrases ‘urgently today’, ‘day runs’ and ‘nearest bitcoin machine’ coming out on top, followed by terms that play on victims’ sentiment, such as ‘charity donation’.
Fleming Shi, CTO for Barracuda Networks comments: “Accelerating interest and demand for bitcoin has provided cyber criminals with a payments method which is virtually untraceable, enabling a multi-billion pound economy of ransomware, cyber-extortion and impersonation attacks, primarily targeting individual investors and private companies.
“Thus, it’s more important than ever for organizations, workers, and investors to keep their data and financial assets completely secure. Continuing to train users and employees to recognise the latest tactics used by hackers is imperative to maintaining blanket security for any given organization, and all businesses and potential victims are heavily encouraged to back-up their data with a third party cloud-based data backup solution to prevent data loss, reduce downtime in the event of a cyber attack, and insure themselves against surging ransomware threat levels.”