Dubai, United Arab Emirates: As the price of bitcoin surged in the recent months, so too have the volume and sophistication of cyberattacks relating to the popular cryptocurrency. This is according to new research by Barracuda Networks, Inc., a leading provider of cloud-enabled security solutions, which found that impersonation attacks relating to cryptocurrencies grew 192% between October 2020 and April 2021 – aligning with the near 400% increase in the value of bitcoin over the same period. The report found that attackers are now expanding their range of cryptocurrency attacks from extortion and ransomware, to now incorporating digital currencies into spear phishing, impersonation, and business email compromise (BEC) attacks.
“Cryptocurrency seems to be a perfect currency for criminal activity — it’s unregulated, difficult to trace, and increasing in value. For these reasons, it has fuelled and enabled a multibillion economy of ransomware, cyber-extortion, and impersonation,” said Fleming Shi, CTO at Barracuda. “The increased digitalisation of businesses since the onset of the pandemic has resulted in more data being created and stored in collaboration apps, and more information being exposed. This has created more targets and potential value for criminals. Combined with the increased price of bitcoin, these factors have presented strong motivation for cybercriminals to come up with more sophisticated schemes to cash in on bitcoin-mania.”
Barracuda’s researchers found that one of the most common methods of attack was the impersonation of digital wallets and other cryptocurrency-related apps with fraudulent security alerts to steal log-in credentials. In the past, attackers impersonated financial institutions targeting victims’ banking credentials. Today they are using the same tactics to steal valuable bitcoins.
Cybercriminals have also included bitcoin as part of their business email compromise (BEC) attacks, impersonating employees within an organisation. They target and personalise these emails to get their victims to purchase bitcoin, donate them to fake charities, or even pay a fake vendor invoice using cryptocurrency. Barracuda’s Artificial Intelligence (AI) based natural language processing of these BEC emails revealed the key phrases and calls to action that hackers are using to incite their victims. Most commonly, cybercriminals create a sense of urgency by using phrases like “urgent today” or before the “day runs” out. Their call to action is typically for their victim to go to the “nearest bitcoin machine.” They also play on their victims’ sentiments to request that a payment be made as a “charity donation,” making their victims believe they are doing a good thing.
Growing cost of ransomware
As an unregulated and difficult to trace digital asset, cryptocurrency has long been the preferred payment method for ransomware demands. Now, as the value of cryptocurrencies has surged, the ransom amounts hackers are asking for have been going up as well. In 2019 ransom demands ranged from a few thousand dollars to $2 million at the top end. By mid-2021 most demands were in the millions, with a significant number over $20 million. “Cybercriminals might still be requesting the same amount of bitcoin, but with the price of cryptocurrency going up it costs more for organisations to pay out,” said El Inati.
Offering advice to businesses that have fallen victim to ransomware, Shi said, “When faced with ransomware attack, a lot of organisations and consumers don’t know what to do other than to pay the ransom. This feeds the appetites of cybercriminals, encouraging them to attack more and ask for even bigger ransoms. If it can be avoided, don’t pay up, and work with government agencies to get a resolution.”
“As bitcoin and other cryptocurrencies become more mainstream, their value will continue to grow. But so will government intervention and regulations. It’s a rapidly evolving threat landscape and organisations and individuals must remain vigilant as cybercriminals will continue to demonstrate their ingenuity in formulating new and convincing ways to exploit the hype and ambiguity that surrounds cryptocurrencies,” Shi concluded.
At Barracuda we strive to make the world a safer place. We believe every business deserves access to cloud-enabled, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers’ journey. More than 200,000 organizations worldwide trust Barracuda to protect them — in ways they may not even know they are at risk — so they can focus on taking their business to the next level.
Barracuda Networks, Barracuda and the Barracuda Networks logo are registered trademarks or trademarks of Barracuda Networks, Inc. in the U.S. and other countries. Other trademarks are the property of their respective owners.