Cryptocurrency Will Continue to Face Ransomware, Botnet Attacks in 2021: Sophos Cybersecurity Threat Report

Cryptocurrency will continue to fuel cybercrimes such as ransomware and malicious crypto mining.

By Shomik Sen Bhattacharjee | Updated: 22 November 2021 19:07 IST

Cryptocurrency Will Continue to Face Ransomware, Botnet Attacks in 2021: Sophos Cybersecurity Threat Report

Cryptocurrency will continue to fuel cybercrimes such as ransomware attacks

Highlights

Some ransomware attacks use fake crypto app login screens
Crypto-mining botnet attacks are on the rise
Crypto could be used by cybercriminals to evade sanctions

Cybersecurity form Sophos says that attacks such as ransomware will continue to make use of cryptocurrency. Over the past year and a half, ransomware attacks constituted 79 percent of all global cybersecurity breaches, it said. These incidents, investigated and remediated by Sophos' rapid response team, reveal that some of these attacks target crypto investors through fake app login screens.

The Sophos' 2022 Threat Report which was published over the weekend, aims to provide perspective on security threats and trends facing organisations in 2022 and the threat landscape in 2021, with additional insights on possible loopholes that could be breached in the future. The study talks about a mobile malware family that ran riot in 2021 known as Flubot as one of the predominant banking trojans affecting the Android platform.

The malware presents users with fake bank and cryptocurrency app login screens to steal the user's passwords for those services. In addition to robbing bank details, it also steals data like the contact list, which it then uses to spam the victim's friends and associates with messages that can lead to additional Flubot infections.

Russian Officials Say Cryptocurrencies Could Dent Tax Reserves

The malware spreads primarily through SMS text messages and mimics popular shipment tracking services from major international parcel shipment services like DHL, FedEx and UPS. The victim receives SMS alerts with a URL link, and occasionally an SMS that pretends to be a voicemail message – also with a web link.

Sophos also warns that automated botnet attacks like Mirai have gained in prominence too over the years, becoming the vehicle of choice to deliver crypto-mining malware. These bits of code infect various corporate assets such as servers and IoT devices, cyber-criminals can use the collective processing power of hundreds – or thousands – of machines to mine cryptocurrency and spread it to further devices.

"As a method of evading sanctions, cryptocurrencies are well suited to the task, which may be why criminals based in regions of the world that remain under traditional economic sanctions exclusively deal in cryptocurrency. Beyond that, because cryptocurrency is anonymous, it can be difficult to determine where the money ends up," states the report.

US Charges Ukrainian and Russian in Major Ransomware Spree

"Sophos believes that the illicit use of cryptocurrency, both to evade sanctions and to obfuscate involvement in criminal activity, will continue to increase in 2022, with ransomware and crypto-jacking being the two most prominent ways that criminals can directly receive cryptocurrency payments from their victims," the report adds.

Interested in cryptocurrency? We discuss all things crypto with WazirX CEO Nischal Shetty and WeekendInvesting founder Alok Jain on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.