Over the past few days, the value of Bitcoin has soared from $11,000 to more than $17,500, prompting hackers to increase the number of phishing attacks on Bitcoin wallets. While investors are cashing in on the surge in value, so too are attempts to steal Bitcoin.
The purpose of the phishing attacks on Bitcoin wallets is simple. Get investors to reveal their account credentials and Bitcoin wallets can be plundered. There is also no storage of people willing to buy the stolen coins, with members of the public lured into buying up Bitcoin in the belief that the value will continue to rise. With each day seeing major increases in the price of Bitcoin, demand for the cryptocurrency is greater than ever.
CheckPhish has reported a sharp rise in Bitcoin phishing attacks on the Blockchain wallet service, with five new phishing domains registered in an attempt to get users to reveal their credentials. As is common in phishing campaigns, the attackers have registered domains closely resembling the legitimate site. They have used transposed letters and common typos for the spam email campaigns, although these domains will also catch out careless typists. Each domain is a carbon copy of the legitimate website. Other popular Bitcoin exchanges have similarly been targeted.
Phishing attacks on Bitcoin wallets are not the only Bitcoin-related scams currently doing the rounds. There have also been several spam email campaigns cashing in on the popularity of the cryptocurrency, offering users the opportunity to purchase Bitcoin. Campaigns have also been detected promoting trading bots – Bots that monitor the price of the cryptocurrency and serve as tools to maximize profits. One such bot – Gunbot – was being offered in a spam campaign picked up by Fortinet. Installing the trading bot would instead download malware designed to steal Bitcoin wallets.
Whenever the value of something soars and demand increases, cybercriminals will be ready to take advantage. However, for cybercriminals the rising value of Bitcoin is not all good news. Ransomware gangs that have previously used Bitcoin as a method of payment due to the anonymity the currency affords, have been forced to drop the use of the currency in favor of other cryptocurrencies, and in some cases, even the use of dollars for ransom payments.
If a ransomware campaign was to have a price set in Bitcoin, by the time the ransom was due for payment, the amount would be considerably higher. So high, that the decision may be made not to make the payment at all.2017