A top Russian-language underground forum has been owning a “contest” for the past month, askin its community to submit “unorthodox” ways to conduct cryptocurrency strikes.
The forum’s administrator, inside an announcement made on September 20, 2021, invited participants to submit papers that evaluate the possibility of targeting cryptocurrency-related engineering, including the theft of private take some time and wallets, in addition to protecting unusual cryptocurrency mining software program, smart contracts, and non-fungible tokens (NFTs).
The contest, which is likely to continue right up until September 1, will see an overall total prize money of $115,000 awarded to the greatest research.
“So far, the highest candidates (according to community member voting) include subjects like generating a artificial blockchain front-end website of which captures sensitive information like private keys and bills, creating a new cryptocurrency blockchain from scratch, increasing the hash rate speed of exploration farms and even botnets, and demonstrating a custom device that parses logs regarding cryptocurrency artifacts from target machines,” said Michael jordan DeBolt, Intel 471’s Senior citizen Vice President of Global Intelligence, inside an email interview with The Hacker News.
Other entries considered manipulating APIs from favorite cryptocurrency-related services or decentralized-file technology to obtain private take some time to cryptocurrency wallets along with creating a phishing website of which allowed criminals to harvest take some time to cryptocurrency wallets and the seed phrases.
Given the key role played by undercover marketplaces like Hydra around enabling cybercrime groups to help cash out their cryptocurrency carry, it’s plausible that strategies that permit Ransomware-as-a-Service (RaaS) operators to step up strain on victims and power them to give into their ransom demands could gain footing. But DeBolt noted that many entries so far have been with regards to instructions or tools regarding how to plunder cryptocurrency resources, which are unlikely to be associated with any “immediate significant value” to RaaS cartels.
Although other instances of incentivized battles involving topics like mobile phone OS botnets, ATM and even point-of-sale (PoS) exploits, and faux GPS signals have been discovered before in the cybercrime undercover, the latest development is yet another sign that criminals are progressively exploring cutting-edge techniques to assist further their motives.
“The biggest takeaway from the attacker side is that this type of incentivized knowledge-sharing bolsters the previously interconnected and interdependent cybercrime underground by consolidating dubious resources in one place and even making it easier for like-minded bad guys who want to pursue cryptocurrency hackers by giving them a software to collaborate, discuss and publish ideas,” DeBolt mentioned.
“Conversely, the biggest takeaway from your defender side is that we are able to take advantage of these open battles, to gain an understanding of existing and even emerging methodologies and tactics that we can get ready for. It illuminates things for all of us and helps to level the taking part in field,” he added in.