Former smartphone giant BlackBerry’s cybersecurity division has identified notorious malware families that are exclusively targeting cryptocurrencies and the crypto ecosystem.
Prominent malware includes the likes of RaccoonStealer, SmokeLoader, and Vidar, which hijack computers belonging to unsuspecting users for crypto mining or theft.
BlackBerry Identifies Significant Threats
The findings appeared in a “Global Threat Intelligence Report” published on Thursday. In the report, the former smartphone giant states that it successfully averted over 1.5 million cyberattacks between March and May. The company added that the primary targets of these attacks were the healthcare, financial, and government sectors. BlackBerry published the report on X, stating,
“Think only enterprises get hacked? If you’re a mid-market or small business, you still have a big target on your small or mid-size back. BlackBerry’s @aboutsecurity shares why cybercriminals select targets based on impact & how much they’re willing to pay.”
One of the most significant threats identified during this period was RedLine, a commodity malware that can harvest information such as saved credentials, crypto, and credit card information. RedLine was used to breach Hatch Bank, a fintech banking platform, leading to the loss of significant banking data and crypto. BlackBerry noted in its report,
“During this reporting period, BlackBerry telemetry observed a continuous trend in the use of commodity malware such as RedLine, which can harvest information including saved credentials, credit card information, and cryptocurrency.”
Malware Targeting Crypto
The company also identified several other malware families specifically designed to hijack and use computers for mining purposes. These include RaccoonStealer, Vidar, and SmokeLoader. SmokeLoader, a rogue financial tool, is of particular concern and has been used by Russian hackers and threat actors for rogue crypto mining. RaccoonStealer, a malware that can be sourced from the dark web, has been designed to specifically target crypto wallets and steal information. The malware is capable of obtaining passwords, cookies, web browser data, and cryptocurrency wallet data.
Another malware, Vidar, targets Linux users and extracts information from crypto wallets and exchanges. Hackers routinely target Linux systems because they are vulnerable to mining attacks. BlackBerry has advised companies to apply security patches to secure themselves from attacks orchestrated by the malware families in question.
“Vidar harvests banking information, browser credentials, and cryptocurrency wallets, as well as standard files.”
The report also highlighted the Clop ransomware, which was used to target banking and financial institutions. This particular ransomware was also responsible for a data breach at Hatch Bank. The report further pointed to the growing threat to critical sectors from hackers and such malware, emphasizing the importance and urgency for companies to bolster their cybersecurity practices to counter these threats.
Hackers have also introduced the Prometei botnet to target Linux-based servers to mine cryptocurrencies such as Monero. Given the botnet’s advanced features, tracing and stopping it has been notoriously difficult.
The Crypto Space And Cybersecurity
SonicWall, a cybersecurity firm, stated in a recent report that crypto-jacking incidents have risen a staggering 399% year-on-year. Most of the entities behind these attempts are based in regions where mining bans and sanctions are in force. An estimate by Statista projects the cybersecurity market to reach $162 billion in 2023 on the back of increasing threats to the crypto ecosystem.
The most recent hack targeting an exchange occurred on the 22nd of July, when North Korean hackers from the notorious Lazarus Group targeted the CoinsPaid exchange and stole around $37 million.
Source: https://cryptodaily.co.uk/2023/08/blackberry-identifies-notorious-malware-targeting-crypto