A study reveals that roughly $1.1 bln worth of crypto has been stolen in the first half of 2018, with exchanges as the most popular target for cybercriminals.
Cybersecurity company Carbon Black announced that roughly $1.1 bln worth of digital currency has been stolen in the first half of 2018, CNBC reported June 7.
The security company said that criminals take advantage of the dark web to facilitate large-scale cryptocurrency theft. Estimates reportedly show that there are 12,000 marketplaces and 34,000 offerings associated with cryptotheft hackers can take advantage of. The dark web can be only accessed with the application of special software and allows users to stay anonymous and mostly untraceable.
Carbon Black Security strategist Rick McElroy, who was interviewed by CNBC, said that basic malware costs an average of $224 and can be priced as low as $1.04. McElroy added that it even sometimes comes with a form of customer support. According to the report, the malware marketplace is worth $6.7 mln.
The report notes that thefts can be carried out by organized crime cartels or criminal gangs, but often it’s a highly-trained engineer who works alone and is looking for a means of supplementary income. As explained by McElroy, cyber-theft is “pretty easy to do” and anyone could be capable, not only notorious hacker groups. He added:
"You have nations that are teaching coding, but there's no jobs. It could just be two people in Romania needing to pay rent."
Unlike banking and conventional financial operations, cryptocurrency holders do not have institutional support to protect their savings or cover their losses in case of a fraud or hacker attacks. McElroy said:
"Usually we rely on banks, the tools are out there but investors need to know how to do this. A lot of people are unaware in this new gold rush, people are using cloud wallets and not securing their money."
Per the study, exchanges were the most popular target for cybercriminals this year, making up 27 percent of attacks.
Yesterday Cointelegraph reported that GuardiCore security team discovered a malicious traffic manipulation and cryptocurrency mining campaign. The campaign called Operation Prowli infected over 40,000 machines across various industries, including finance, education, and government.