Cryptocurrency. A decade ago, names such as Bitcoin, Dash, Ethereum, and Monero were merely buzzwords. Fast forward to today, and they’ve become as recognisable as the US dollar and the Euro. In many realms, these digital currencies are ushering in a new era of investing – a modern gold rush, albeit in digital form.
As was the case during the physical gold rush in the mid-1800s, there are criminals looking to exploit innocent parties of their earnings. Carbon Black has found that modern-day cybercriminals are increasingly using the dark web to facilitate cryptocurrency theft on a large scale.
During the past six months, Carbon Black research looked into the dark web to determine how cryptocurrency malware is being bought and sold, fostering a burgeoning economy designed to pilfer some of the most popular cryptocurrencies on the market.
Key Research Findings:
- Our research uncovered a total of $1.1 billion in cryptocurrency-related thefts during the past six months.
- There are currently an estimated 12,000 dark web marketplaces selling approximately 34,000 offerings related to crypto theft.
- These malware offerings range widely in price, from as low as $1.04, to as high as $1,000 per offering. The average listing price was $224, while the “sweet spot” for pricing was around $10.
- Cryptocurrency-stealer malware is the preferred method among crypto-targeting cybercriminals.
- The available dark web marketplaces represent a $6.7 million illicit economy built from cryptocurrency-related malware development and sales.
- Of the attacks we identified, cryptocurrency exchanges are the most vulnerable target
for cybercriminals, with 27% of attacks targeting exchanges directly. Nearly 21% of cryptocurrency attacks target businesses, 14% target users directly and 7% target governments.
- Although Bitcoin is still the lead cryptocurrency for legitimate cyber transactions, cybercriminals are moving to alternative and more profitable currencies, such as Monero, which is used in 44% of all attacks.