Proofpoint has outlined the methods and techniques that cyber threat actors have used to leverage and exploit cryptocurrencies and digital tokens or NFTs.
According to Proofpoint data, cyber criminals have been targeting decentralised finance (DeFi) organisations that facilitate cryptocurrency storage and transactions for possible follow-on activity. In the Proofpoint report, titled How Cyber Criminals Target Cryptocurrency, cyber criminal activity relating to digital tokens have contributed to a reported $14 billion in cryptocurrency losses in 2021.
According to senior director of threat research and detection at Proofpoint Sherrod DeGrippo, this is not a new practice.
"As the general public experiences growing adoption of cryptocurrency, people may be more likely to engage with social engineering lures using such themes," DeGrippo said.
However as bitcoin and the cryptocurrency markets have continued to crash, Guy Segal, vice president, cyber security services Asia-Pacific at Sygnia, commented that the downward spiral has contributed to "negotiations between victims of cyber crime and the attackers", in an interview with Digital Nation.
"For instance, if you could once agree on 40 bitcoin and then know that it's going to be around $2 million, now the threat actor doesn't have any certainty when he agrees on 40 bitcoins Monday, how much will that be in US dollars, by the end of the week?
"From many threat actors' point of view, that means that you cannot agree on a deal based on the number of bitcoins, but the negotiation will be concluded on the US dollar amount.
"The bitcoin rate has crashed, I think more than three times lower than the records at the moment, and it's very dynamic daily," Segal said.
According to Segal, Bitcoin anonymises cyber threat actors, enabling them to stay hidden and provides a safeguard that prevents them from being caught; noting that "the relationship between cryptocurrency and cyber crime as multi-dimensional".
"Cryptocurrency is the facilitator and enabler of most ransom attacks.
"First, whenever you deal with ransom, ransom is being paid in cryptocurrency. Usually, but not always bitcoin," Segal added.
"The other issue is that the cryptocurrency companies – exchange firms – are very fragile and very vulnerable to be under attack.
"There is no easier method of financial extraction than the illicit transfer of cryptocurrency," Segal said.