Carbon Black, a cyber-security company, announced that roughly $1.1 billion in cryptocurrencies was stolen in the first and second quarters of 2018. According to their report, criminals have been taking advantage of the dark web to carry out large-scale cryptocurrency theft. In accessing the dark web, an application from a special software enables people to remain anonymous and even untraceable.
Company Security Strategist, Rick McElroy, says there is a basic malware selling on the dark web. This malware costs about $224 USD and can go as low as $1.04 USD. Additionally, the malware has customer support. The malware marketplace is worth nearly $6.7M USD.
The report also indicates that most of the hacking is done by organized criminals, but there are incidences of trained engineers looking for alternative source of income. McElroy states experts in hacking and other cyber-crimes makes the work very easy for them.
“Cyber-crime is becoming very simple because most of the nations are teaching coding yet there are no jobs for the graduates. This makes it easy for them to venture into this crime because they have to take care of their daily lives like paying rent and taking care of other expenses,” McElroy explains further.
Unlike the Banking Sector
The cryptocurrency market is not like the banking sector where there is an institutional support. That assistance protects their money or even covers for any losses incurred during incidences like hacking. In the decentralized cryptocurrency market, it is very hard to trace any stolen funds. McElroy added that, “Many people are not aware how to protect their funds. Most of the crypto investors are using cloud wallets and are not even aware of the mechanisms to use to secure their money or investments.”
The study shows that exchanges are targets of most hackers. This year, 27% of the attacks were on exchanges. Hackers are mainly targeting exchanges because they know that they control large amounts of crypto assets. In the past, many exchanges, like Mt. Gox, declared bankruptcy due to hacking.
On June 6th, GuardiCore’s security team unearthed a malicious traffic manipulation which was a campaign for cryptocurrency mining. This campaign had already infected more than 40,000 machines belonging to governments, education, and finance sectors.