Crypto Industry Highly Vulnerable To Cyberattacks In 2020

The crypto sector, like any other business, is highly vulnerable to cyberattacks in 2020, according to a cybersecurity report by Check Point Research.

No company was spared from cyber-attacks in 2019, regardless of its size. Cybercrime is lucrative, and thus tempting to unscrupulous people. Researchers estimated that it produced US$ 1.5 trillion in cybercrime rates for 2018.

Bitcoin is resilient due to the randomness of the exchange of data within its blockchain, and the use of robust encryption. The blockchain and the data can not therefore be duplicated or exploited through malware or other malicious technology. Yet transactions taking place around the blockchain are vulnerable to cyberattacks.

For example, the Cyber Security Report for 2020 underlines the threat posed by cryptomining attacks to cloud infrastructures. While last year’s value of cryptocurrencies declined in value, cloud infrastructures pose a massive target for malicious campaign cryptomination.

Cryptomining malware is classified as software programmes and malware components which are programmed to take over the resources of a computer and use them for cryptocurrency mining without the permission of a consumer.

Ransomware is yet another threat which in 2019 became more sophisticated and targeted. There was a 50 per cent increase in attacks by mobile banking malware in the first half of 2019 compared to 2018. In turn, according to the study, “27 percent of all organisations globally were impacted by cyberattacks that involved mobile devices.”  The report describes the malware that actually targets Bitcoin over any other cryptography. For example, Glupteba provides a mechanism for updating the Command and Control Address that public Bitcoin lists. Thus, Glupteba is used to distribute a router or browser stealer. Cryptoloot is also used for online Monero coins mining when an attacker enters a web page without the user’s permission. In addition, Danabot is a banking Trojan targeting Windows platform which is also used to steal passwords and wallets from browsers.

“To prevent zero-day attacks, organisations first need incisive, real-time threat intelligence that provides up-to-minute information on the newest attack vectors and hacking techniques. Threat intelligence must cover all attack surfaces, including cloud, mobile, network, endpoint, and IoT, because these vectors are commonplace in an enterprise.”