Blockchain technology has grown up in popularity in recent years. Excluding its initial application in cryptocurrency, it's currently getting used in property, healthcare, smart contracts and many other fields. The technology collects and stores information in groupings referred to as “blocks” and every block will hold a collection quantity of knowledge.
Over the past several years, crypto has become increasingly mainstream. Research has predicted that by the end of 2022, the number of US adults who own at least one cryptocurrency will increase by 19% to 33.7 million. This equates to 12.8% of the population. Naturally, cybercriminals have quickly learned how to cash in on this popularity.
Is cryptojacking draining your resources and exposing your organization to financial and reputation damage risk? The rise in cryptojacking, which is an illegal form of mining cryptocurrency by the unauthorized use of someone’s computing resources, has reached alarming levels. According to the Google Threat Horizon report, 86% of compromised cloud instances in 2021 were used for cryptomining. That paints the picture quite clearly.
Cryptominers are one of the main cloud threats today. Miner attacks are low risk, low effort, and high reward for a financially motivated attacker. Moreover, this kind of malware can pass unnoticed because, with proper evasive techniques, they may not disrupt a company’s business operations. Given all the possible elusive strategies, detecting cryptominers is a complex task, but machine learning could help to develop a robust detection algorithm.
Throughout 2022, Netskope Threat Labs found that attackers have been creating phishing pages in Google Sites and Microsoft Azure Web App to steal cryptocurrency wallets and accounts from Coinbase, MetaMask, Kraken, and Gemini. These phishing pages are linked from the comment sections of other websites, where the attacker adds multiple links to the phishing pages, likely to boost SEO and drive victims directly to these pages.
Our threat intelligence recently shared several threats they’ve uncovered through monitoring our B2B platform, in our recent report: Keeping pace with emerging threats: Summer 2022 roundup. One of the standout threats to keep your users aware of is a group of phishing emails impersonating Ukrainian charitable appeals – specifically those requesting cryptocurrency donations.
