Stop right now if you are reading this to learn how to steal cryptocurrency.
This is not a "how-to" for crypto-thieves, but rather a "watch-out" for the ways they do it. Pardon the disclaimer, but people these days...
Anyway, cryptocurrencies are tanking in the market right now. Part of the reason is that they are not quite as secure as everybody thought, thanks to the cyber-criminals.
Kaspersky Labs revealed that Lazarus, a program used for years in cyber-espionage and sabotage, has turned its attention to financial institutions. In August, Kaspersky reported that Lazarus had compromised banks, cryptocurrency exchanges, and fintech companies.
"While assisting with an incident response operation, we learned that the victim had been infected with the help of a Trojanized cryptocurrency trading application that had been recommended to the company over email," the company said.
That was then; this is now. In the past week, the cryptocurrency market has lost billions.
Of course, it's not all the crypto-thieves' fault. According to reports, however, they are to blame for about $571 million in crypto-hacks since last year.
Trojan Horses to Sextortion
Here's how they do it:
In the Lazarus attack, the malware got in through a Trojan horse via email. That strategy accounts for three-fifths of the common crypto-hacks.
Mining botnets work on malware-infected computer networks, enabling hackers to control systems remotely. Kaspersky says cybercriminals are using them to mine cryptocurrency.
Sextortion is another version of the oldest profession. In the most common scam this year, the scammers stole passwords, threatened to release compromising video, and demanded Bitcoin ransoms.