According to a Carbon Black report, about $1.1 billion worth of cryptocurrency has been stolen year-to-date. As the US-based cybersecurity firm puts it, it’s quite easy to steal digital currencies, despite the security measures applied. The malware costs only $224, and if the criminals choose to buy it on the dark web, they can get it almost for free – as low as $1.04.
Carbon Black Security strategist Rick McElroy told CNBC:
“It's surprising just how easy it is without any tech skill to commit cybercrimes like ransomware. It's not always these large nefarious groups, it's in anybody's hands.”
Criminals operate mostly through the dark web, a hidden space on the internet that can be accessed via special browsers and software. The dark web pages and forums are more difficult to track, which is why criminal prefer this approach to run large-scale operations. Currently, there are over 12,000 marketplaces and about 34,000 cryptotheft offerings for hackers to pick from there. In fact, a whole market has been formed, reaching about $6.7 million.
“You just have to able to log in and be able to buy the thing — you can call customer support and they'll give you tips,” McElroy stated, referring to the dark web.
The attacks can come either from organized groups or from individuals who are trained engineers.
“It could just be two people in Romania needing to pay rent,” he said.
According to the report, crypto exchanges have been the most common target for hackers, accounting for 27% of all the attacks in 2018. For example, at the beginning of the year, cybercriminals stole $530 million worth of NEM from Coincheck.
After exchanges, businesses are the second target, with 21% of the attacks.
When it comes to targeted cryptocurrencies, Monero is by far the most preferred, with 44% of all cybercrimes focused on it. That is because this coin is more difficult to trace and has lower transaction fees. Bitcoin accounted for only 10% of attacks.