In an ongoing Distributed Denial-of-Service (DDoS) attack on Electrum cryptocurrency wallets, almost 152,000 Electrum wallets have reportedly been infected. Victims were initially tricked into downloading a fraudulent update to the Electrum software that stole their cryptocurrencies. The hackers later launched DDoS attacks in response to efforts by the popular wallet's developers to protect users, with the amount of stolen funds increasing to $4.6 million. The infection in Electrum's infrastructure reportedly grew from just below 100,000 wallets on April 24 to 152,000 the next day.
A major email application was breached earlier last month when a hacker got hold of a customer support worker's login credentials, gaining access to the accounts of all noncorporate users of the program. Victims of the breach are now discovering what may be the chief motivation behind the attack: accessing and emptying users' cryptocurrency accounts. The company initially said the breach impacted only email metadata and customer information, but affected users with cryptocurrency wallets have reported that after the breach, their wallets have been emptied and their funds stolen. Another recently reported "cryptojacking" campaign, termed Beapy, appears to be attacking enterprises based in China, South Korea, Japan and Vietnam. According to reports, Beapy infects victims through malicious emails and installs crypto-mining malware.
Following declining funding from Iran and the closing of hundreds of tunnels under the Gaza-Egypt border in 2013, the armed wing of Hamas appears to be turning to bitcoin to raise funds and evade law enforcement. The Gaza-based Izz el-Deen al-Qassam Brigades, designated as a terrorist organization by the EU and the U.S., originally asked donors to send bitcoin to a single wallet. Now, however, the group has changed the mechanism: Instead of a single wallet, its website generates a new wallet with every transaction, making funds harder to track. Financial regulators are also encountering increased difficulty in tracking payments sent through cryptocurrency exchanges, as cross-border payments from the U.S. to offshore exchanges have increased by 46% since early 2017. This increase poses a quandary for U.S. financial regulators: Once the payments reach exchanges and wallets outside the country, they are very difficult for domestic authorities to track. As governments around the world increase scrutiny on blockchain transactions, reports indicate a rise in novel techniques to mask user identities. So-called CoinJoins, where users mix their bitcoins with each other in a single transaction, enable cryptocurrency users to hide the connection between the sender and the recipient of a payment. According to a recent report, so-called mixed cryptocurrency transactions now represent 4.09% of all bitcoin payments.
To read more about the topics covered in this week's post, see the following:
- Beapy: Cryptojacking Worm Hits Enterprises in China
- Electrum DDoS botnet reaches 152,000 infected hosts
- Number of Infected Electrum Bitcoin Wallets Reaches 152,000
- Microsoft Outlook Email Breach Targeted Cryptocurrency Users
- Hamas shifts tactics in bitcoin fundraising, highlighting crypto risks: research
- CipherTrace Detects Major Uptick in Cross-Border Payments to Offshore Crypto Exchanges
- CoinJoins as a Percentage of All Bitcoin Payments Have Tripled to 4.09% Over the Past Year
- Mixed Cryptocurrency Transactions Up 300% as Crypto Users Pursue Anonymity