Hackers move beyond banking to target cryptocurrency: study
Hi-Tech Crime Trends 2017 report by Group-IB uncovers numerous compromised UAE bank accounts and credit cards
The emergent crypto industry is now an increasingly lucrative target for hackers, the extent of is the focus of a new study by Group-IB.
According to the Hi-Tech Crime Trends 2017 report, the total damage caused by targeted hacker attacks on the crypto-currency industry amounts to more than $168 million, and the income from attacks on cryptocurrency exchanges varies from $1.5 million (Bitcurex) to $72 million (Bitfinex). Beyond the lure of higher profitability, hackers are also attracted by the power of digital anonymity, one of the basic principles of the cryptocurrency industry, the study adds.
The crypto industry includes initial coin offerings (ICO), wallets, exchanges, and funds and has been attracting increasingly large capitalisation and funds.
In comparison, a successful attack on a bank brings criminals only about $1.5 million, on average. Illustrating the fact that the traditional financial industry is also not safe, in the past few weeks, Group-IB has found that 228 bank accounts and nearly 2,000 credit cards have been compromised in the UAE alone, and an additional 5,738 account details of bank employees have been leaked. The top emerging threats in the financial sector in this period were identified as Fin7, Cobalt Cybercrime group, Lazarus, NetWire RAT and SMiShing.
Group-IB, provides services for preventing and investigating high-tech crimes and online fraud. The findings of the report were announced at an event to mark the establishment of Group-IB’s regional presence across the Middle East, Turkey, Africa, and South Asia, with headquarters in Dubai, and led by Tarek Kuzbari, managing director of Group-IB for the region.
Tarek Kuzbari, managing director, Middle East, Africa, Turkey & South Asia, Group-IB, said: “With hackers moving to more sophisticated agendas such as espionage, sabotage, data theft, and disruption of infrastructure, targeted attacks on banks, payment systems, bank clients, and even cryptocurrency exchanges will move beyond impacting organisations to directly affecting the lives and finances of citizens and residents. Through this report, we want to highlight the need for heightened security awareness among the individuals and organisations in the banking and financial sector, thereby closing the door to malicious actors and securing all UAE residents and their finances.”
In the coming year, the theft of money will not be the main source of losses for banks and financial institutions from cyber-attacks. According to the report, the destruction of the IT infrastructure of banking and financial organisations during the final stages of a targeted attack by financially-motivated cybercriminals and state-sponsored hackers will cause the most grievous harm.
“Accelerated digitisation in the region is making it critical for organisations to prioritise security measures, and the level of threat that all of us in the UAE face is quite high. Over the past year, we have observed the increased competence of hackers to impact critical infrastructure with targeted large-scale incidents, and this can instantly negate all the efficiencies and advances brought about through a digital transformation undertaking” said Kuzbari.