A high Russian-language underground discussion board has been working a “contest” for the previous month, calling on its neighborhood to submit “unorthodox” methods to conduct cryptocurrency assaults.
The discussion board’s administrator, in an announcement made on April 20, 2021, invited members to submit papers that assess the opportunity of focusing on cryptocurrency-related expertise, together with the theft of personal keys and wallets, along with overlaying uncommon cryptocurrency mining software program, sensible contracts, and non-fungible tokens (NFTs).
The contest, which is prone to proceed until September 1, will see whole prize cash of $115,000 awarded to the very best analysis.
“To this point, the highest candidates (in accordance with discussion board member voting) embrace matters like producing a pretend blockchain front-end web site that captures delicate info equivalent to non-public keys and balances, creating a brand new cryptocurrency blockchain from scratch, rising the hash charge velocity of mining farms and botnets, and demonstrating a customized software that parses logs for cryptocurrency artifacts from sufferer machines,” stated Michael DeBolt, Intel 471’s Senior Vice President of World Intelligence, in an electronic mail interview with The Hacker Information.
Different entries checked out manipulating APIs from in style cryptocurrency-related companies or decentralized-file expertise to acquire non-public keys to cryptocurrency wallets in addition to making a phishing web site that allowed criminals to reap keys to cryptocurrency wallets and their seed phrases.
With underground marketplaces like Hydra enabling cybercrime teams to money out their cryptocurrency haul, submissions that might be of use to Ransomware-as-a-Service (RaaS) operators with a purpose to step up the stress and pressure their victims into heeding to their ransom calls for is prone to achieve large consideration. However DeBolt famous that the majority entries to date have been about directions or instruments for the best way to plunder cryptocurrency property, which isn’t seemingly going to be of “rapid important worth” to RaaS cartels.
Though different cases of incentivized contests involving matters like cellular OS botnets, ATM and point-of-sale (PoS) exploits, and pretend GPS alerts have been noticed earlier than within the cybercrime underground, the event is one more indication that criminals are more and more exploring cutting-edge strategies to satisfy their monetary motives.
“The largest takeaway from the adversary facet is that this sort of incentivized knowledge-sharing bolsters the already interconnected and interdependent cybercrime underground by consolidating illicit assets in a single place and making it simpler for like-minded criminals who need to pursue cryptocurrency hacks by giving them a platform to collaborate, talk about and share concepts,” DeBolt stated.
“Conversely, the largest takeaway from the defender facet is that we are able to make the most of these open contests, to achieve an understanding of present and rising methodologies and techniques that we are able to put together for. It illuminates issues for us and helps to degree the enjoying discipline,” he added.