A high Russian-language underground discussion board has been operating a “contest” for the previous month, calling on its group to submit “unorthodox” methods to conduct cryptocurrency assaults.
The discussion board’s administrator, in an announcement made on April 20, 2021, invited members to submit papers that assess the potential for concentrating on cryptocurrency-related know-how, together with the theft of personal keys and wallets, along with overlaying uncommon cryptocurrency mining software program, sensible contracts, and non-fungible tokens (NFTs).
The, which is prone to proceed until September 1, will see complete prize cash of $115,000 awarded to the very best analysis.
“To date, the highest candidates (in keeping with discussion board member voting) embrace matters like producing a faux blockchain front-end web site that captures delicate info comparable to non-public keys and balances, creating a brand new cryptocurrency blockchain from scratch, growing the hash fee velocity of mining farms and botnets, and demonstrating a customized device that parses logs for cryptocurrency artifacts from sufferer machines,” stated Michael DeBolt, Intel 471’s Senior Vice President of International Intelligence, in an e mail interview with The Hacker Information.
Different entries checked out manipulating APIs from common cryptocurrency-related providers or decentralized-file know-how to acquire non-public keys to cryptocurrency wallets in addition to making a phishing web site that allowed criminals to reap keys to cryptocurrency wallets and their seed phrases.
With underground marketplaces likeenabling cybercrime teams to money out their cryptocurrency haul, submissions that might be of use to Ransomware-as-a-Service (RaaS) operators with a purpose to step up the stress and drive their victims into heeding to their ransom calls for is prone to acquire enormous consideration. However DeBolt famous that the majority entries to this point have been about directions or instruments for methods to plunder cryptocurrency property, which isn’t probably going to be of “quick important worth” to RaaS cartels.
Though different situations of incentivized contests involving matters like cell OS botnets, ATM and point-of-sale (PoS) exploits, and faux GPS alerts have been noticed earlier than within the cybercrime underground, the event is one more indication that criminals are more and more exploring cutting-edge methods to satisfy their monetary motives.
“The largest takeaway from the adversary aspect is that the sort of incentivized knowledge-sharing bolsters the already interconnected and interdependent cybercrime underground by consolidating illicit sources in a single place and making it simpler for like-minded criminals who need to pursue cryptocurrency hacks by giving them a platform to collaborate, talk about and share concepts,” DeBolt stated.
“Conversely, the largest takeaway from the defender aspect is that we will reap the benefits of these open contests, to realize an understanding of present and rising methodologies and ways that we will put together for. It illuminates issues for us and helps to stage the taking part in subject,” he added.