Crypto Social Engineering Schemes Helped Cybercriminals Net $10M USD In Ethereum In 2017

Crime, ICO News | July 13, 2018 By:

Cybercriminals were able to steal more than $10 million worth of ethereum through social engineering schemes over the past year, according to software security group Kaspersky Lab.

In a report analyzing the main patterns and trends related to crypto hacks, the cybersecurity firm claimed that its anti virus blocked more than a hundred thousand triggers related to cryptocurrencies on fake exchanges and other sources during the first half of 2018.

“The cryptocurrency phenomenon and the growth of a keen audience of cryptocurrency owners was never going to go unnoticed by cybercriminals,” the report said. “To achieve their nefarious goals they typically use classical phishing techniques, however these often go beyond the ‘ordinary’ scenarios we have become familiar with. By drawing inspiration from ICO (initial coin offering) investments and the free distribution of crypto coins, cybercriminals have been able to profit from both avid cryptocurrency owners and rookies alike.”

According to the report, cybercriminals targeted ICO investors who seek to invest their money in startups in the hope of gaining a profit in the future. They use fake websites and phishing emails containing an e-wallet number to trick their targets out of money.

The most successful phishing attacks used well-known ICO projects, such as Switcheo ICO, OmiseGo ICO, and Telegram ICO. The report said the criminals managed to earn more than 21,000 ETH over the past year, noting that this sum doesn’t take into account classic phishing attacks or examples involving the generation of individual addresses for each victim.

“The results of our research show that cyber-criminals are adept at keeping up to date and developing their resources to achieve the best possible results in cryptocurrency phishing,” said Nadezhda Demidova, Lead web content analyst, Kaspersky Lab. “These new fraud schemes are based on simple social engineering methods, but stand out from common phishing attacks because they help criminals make millions of dollars. The success criminals have enjoyed suggests that they know how to exploit the human factor, which has always been one of the weakest links in cybersecurity, to capitalize on user behaviors.”