Within the 2021 RSA convention, one of the best cybersecurity business got here collectively to current quite a few concepts on learn how to cease cybercriminals from finishing up their crimes.
On the different finish, the cybercriminals had been holding their formal occasion meant to share information on learn how to perpetuate these crimes.
Cybercriminals Operating Contest for Cryptocurrency Hacks
The highest Russian-language cybercrime boards have been operating a “contest,” calling on its neighborhood to submit “unorthodox” methods to conduct cryptocurrency attacks.
“The discussion board’s administrator referred to as for papers that coated unorthodox methods to steal personal keys and wallets, uncommon cryptocurrency mining software program, good contracts, non-fungible tokens (NFTs) and extra.”
The administrator declared $100,000 in prizes could be awarded to winners. Subsequently, a good discussion board member added $15,000 to the prize pool.
It’s mentioned that one entry checked out manipulating APIs from fashionable cryptocurrency-related providers or decentralized-file expertise to acquire personal keys to cryptocurrency wallets.
One other submission detailed learn how to create a phishing web site that allowed criminals to reap keys to cryptocurrency wallets and their seed phrases (a listing of phrases that retailer all the data wanted to get better misplaced cryptocurrency).
Two fashionable boards have been referred to as, together with mobileOS botnets, ATM and POS cracks, and faux GPS indicators, amongst others. Prizes as much as $10,000 had been awarded to the “finest” analysis, whereas entrants earned $50 only for submitting.
Moreover, operators of varied ransomware-as-a-service teams, together with REvil and LockBit, have hosted their very own contests the place discussion board members submit papers on varied matters that might doubtlessly assist additional their crimes.
Advantages of the Contest
It’s talked about that this contest is a major instance of why organizations have to proactively monitor cybercrime underground.
It is usually an illustration of how cybercriminals could be faster than defenders. Boards not solely function a market but additionally usher in and promote improvements and cutting-edge approaches that don’t have to get technical approval earlier than getting used to hold out crimes.
The largest takeaway from the defender aspect is that we are able to make the most of these open contests, to achieve an understanding of present and rising methodologies and ways that we are able to put together for. It illuminates issues for us and helps to stage the taking part in subject”, mentioned Michael DeBolt, Intel 471’s Senior Vice President of International Intelligence.
Due to this fact, companies have to proactively watch the underground to plan for a way criminals might goal their business-critical features with data from contests, just like the one found above, to devastate their group.