Fraudulent cryptocurrency investment schemes have continued to find ways to thrive. Despite the many security protocols that companies and investors have put in place, these same operations continue to find new ways to lure people away from their funds. According to a new report from cybersecurity firm Abnormal Security, another malicious scheme is now making waves.
Malware Propagates Via Email
The security firm reported that cybercriminals have been mimicking the famous Bitcoin Era trading platform and using it to lure investors. Per the report, the scammers have been sending malicious emails to people, with the mails looking strikingly similar to those sent from the Bitcoin Era.
Messages reportedly address users by their names, making them look even more legitimate. The hackers tell victims that they’ve been approved to execute Bitcoin transactions, although they would need $250 as a starting sum.
However, the “Create an account” button is where the trouble erupts. Once users click on it they are redirected to the homepage of a fake website. A pop-up appears that asks for victims’ permission to show notifications from a website. If a victim clicks the “Allow” button, their computer gets infected by adware. Abnormal Security didn’t give any details about the malware or how many devices it had affected. However, the security company counseled people to be wary of such emails and to protect themselves.
The Continued Threat of Increased Malware Attacks
Malware attacks have become a significant point of concern in the crypto industry this week. Yesterday, a bombshell report from privacy and security firm F-Secure explained that the Lazarus Group — a hacking organization with extensive ties to North Korea — had been using job listing website LinkedIn to target professionals in the blockchain and crypto sector.
According to the report, Lazarus Group has been creating several bogus job listings on LinkedIn, hoping to target job seekers. One such listing contained an attachment titled “BlockVerify Group Job Description.” When opened, the document immediately executes malicious code.
F-Secure found that the code had similarities to some publicly available code online. A representative from the group further explained:
“The purpose of the malware was mainly to fetch login credentials and provide access to the victim’s network, eventually to reach the system required to steal the cryptocurrency.”
The company also pointed out that the Lazarus Group is carrying out North Korea’s mission to spy on entities both in and outside the crypto space. Asides the North Korean threat, individuals and companies across the world have remained vigilant in their pursuit of safety from security threats. The global pandemic has forced more companies to move their operations online, and subpar security measures will only make them sitting ducks for hackers.
The world got a glimpse of what was to come when hackers began sending spam ad phishing emails related to the coronavirus earlier in the year. However, no one believed that the pandemic’s effects would last this long. In the same way, the need for security has prolonged over time.