A top Russian-language underground forum has been managing a “contest” for the past month, asking its community to submit “unorthodox” ways to conduct cryptocurrency assaults.
The forum’s administrator, inside an announcement made on Apr 20, 2021, invited people to submit papers that measure the possibility of targeting cryptocurrency-related technologies, including the theft of private secrets and wallets, in addition to masking unusual cryptocurrency mining application, smart contracts, and non-fungible tokens (NFTs).
The contest, which is likely to continue right up until September 1, will see an overall total prize money of $115,000 awarded to the ideal research.
“So far, the most notable candidates (according to community forum member voting) include subjects like generating a bogus blockchain front-end website the fact that captures sensitive information including private keys and amounts, creating a new cryptocurrency blockchain from scratch, increasing the hash rate speed of gold mining farms together with botnets, and demonstrating a custom application that parses logs regarding cryptocurrency artifacts from prey machines,” said Michael jordan DeBolt, Intel 471’s Senior citizen Vice President of Global Intelligence, inside an email interview with The Hacker News.
Other entries considered manipulating APIs from favorite cryptocurrency-related services or decentralized-file technology to obtain private secrets to cryptocurrency wallets along with creating a phishing website the fact that allowed criminals to harvest secrets to cryptocurrency wallets and the seed phrases.
Given the role played by subterranean marketplaces like Hydra around enabling cybercrime groups to be able to cash out their cryptocurrency take, it’s plausible that procedures that permit Ransomware-as-a-Service (RaaS) operators to step up strain on victims and drive them to give into their ransom demands could gain traction force. But DeBolt noted that a lot of entries so far have been regarding instructions or tools regarding how to plunder cryptocurrency property, which are unlikely to be regarding any “immediate significant value” to RaaS cartels.
Although other instances of incentivized competitions involving topics like mobile phone OS botnets, ATM together with point-of-sale (PoS) exploits, and pretend GPS signals have been noticed before in the cybercrime subterranean, the latest development is yet another sign that criminals are significantly exploring cutting-edge techniques to aid further their motives.
“The biggest takeaway from the foe side is that this type of incentivized knowledge-sharing bolsters the by now interconnected and interdependent cybercrime underground by consolidating dubious resources in one place together with making it easier for like-minded scammers who want to pursue cryptocurrency modifications by giving them a software to collaborate, discuss and promote ideas,” DeBolt stated.
“Conversely, the biggest takeaway through the defender side is that you can take advantage of these open competitions, to gain an understanding of latest together with emerging methodologies and tactics that we can plan. It illuminates things for people and helps to level the participating in field,” he included.