Phishers targeting mainstream interest in crypto


By Dylan Bushell-Embling
Friday, 17 June, 2022

Phishers targeting mainstream interest in crypto

Cybercriminals are exploiting interest in cryptocurrency and non-fungible tokens by incorporating cryptocurrency into the phishing landscape, according to Proofpoint researchers.

Proofpoint Senior Director of Threat Research and Detection Sherrod DeGrippo said the company’s researchers have observed techniques such as credential harvesting, cryptocurrency transfer solicitation like business email compromise, and the use of malware stealers targeting crypto credentials.

“Cybercriminal threats to cryptocurrency are not new; however, as the general public experiences growing adoption of cryptocurrency, people may be more likely to engage with social engineering lures using such themes,” he said.

“Crypto went mainstream with Superbowl ads this year and threat actors have taken note of the opportunity for a quick payday. There is no easier method of financial extraction than the illicit transfer of cryptocurrency.”

Threat actors are targeting master or extended private keys capable of transferring all funds associated with child keys generated from those keys, DeGrippo said.

There are three main categories of phishing campaigns targeting cryptocurrency: credential harvesting, transfer solicitation and commodity stealers that target cryptocurrency values.

Meanwhile, business email compromise campaigns are being adapted to target cryptocurrency credentials, and old information-stealing malware is being updated to check for crypto-specific artefacts. This will typically involve looking for a wallet.dat file which contains public and private keys, transaction history and a user’s wallet address.

Image credit: ©stock.adobe.com/au/nicescene

Related News

New tool makes websites more secure

An international team of researchers has developed a scanning tool to make websites less...

Proofpoint warns of "dangerous" Microsoft 365 function

Proofpoint has discovered a method of exploiting a function within Microsoft 365 that could allow...

Schneider, Claroty launch building security tool

Schneider Electric and Claroty have launched a joint solution providing a range of cyber-physical...


  • All content Copyright © 2022 Westwick-Farrow Pty Ltd