2018 is on track to be another strong year of the growth for the global cryptocurrency marketplace with more newcomers and Wall Street anxious to join the “Digital Gold” party. Cryptocurrency market capitalization is on pace to surpass $1 trillion in the months ahead as new entities enter this forum despite impending regulation threatening to dampen the mood. Although there are certain risk factors associated with cryptocurrencies that regulation is sure to curb, one of the risks that will become among the most prominent in 2018 will be the threats associated with malware and other cybersecurity-related exposure. Although these threats are nothing new, the more people that are vulnerable to this type of attack only means more targets for cybercriminals.
One of the newest identified threats goes by the name of “Digmine,” which has surfaced and is quickly propagating via Google Chrome’s version of Facebook Messenger affecting crypto and non-crypto enthusiasts alike by deploying botnets that mine for Monero (XMR). According to TrendLabs Security Intelligence Blog, “if the user’s Facebook account is set to log in automatically, Digmine will manipulate Facebook Messenger in order to send a link to the file to the account’s friends. The abuse of Facebook is limited to propagation for now, but it wouldn’t be implausible for attackers to hijack the Facebook account itself down the line. This functionality’s code is pushed from the command-and-control (C&C) server, which means it can be updated. A known modus operandi of cryptocurrency-mining botnets, and particularly for Digmine (which mines XMR), is to stay in the victim’s system for as long as possible. It also wants to infect as many machines as possible, as this translates to an increased hashrate and potentially more cybercriminal income.”
Earlier this year Kapersky Lab published their findings that over 1.65 million computers were targeted for attack by mining malware between the months of January and August of 2017. There were over 1.8 million computers affected by this type of malware in 2016 and an excess of 700,000 mining botnet attacks in 2014. Along with malware, people should always be on the lookout for phishing, social engineering, and all-out fraud when dealing with cryptocurrencies. If you are going to play the crypto-markets, be sure to play it safe. Utilize 2-factor authentication and other best practices to secure your digital assets. When it comes to social media, Trend Micros’ Guide to securing your social media accounts provides a solid framework for individuals and enterprises seeking to remain protected. While you are at it, don’t forget to review the established and emerging fraud trends in Bitcoin and other cryptocurrencies to know how to spot fraud when it is coming your way.
Kamal Hubbard is a lawyer by training who is certified in Fraud Examination, Cybersecurity, and Decentralized Finance.