Attackers are taking advantage of the increased interest in cryptocurrencies for monetary gain and use mechanisms like exploits, phishing and spam campaigns, adware, drive by download, etc to increase their outreach and maximize profit.
The discussion around cryptocurrencies and blockchain is slowly becoming part of everyday lexicon, and yet the uncertainty surrounding their legality continues to exist. While the Indian government has made it clear that it does not recognise cryptocurrency as legitimate tender, Bryce Boland, Chief Technology Officer for Asia Pacific at cybersecurity firm FireEye thinks otherwise.
In an email interview with Moneycontrol, Boland spoke about the future of cryptocurrencies, their role in cybercrime, cryptomining and whether the sky high valuations of bitcoins will come back.
Q: The sentiment around cryptocurrencies seems to have turned for the worse, including in India. How do you look at the future of cryptocurrencies going forward?
A: It appears cryptocurrencies are here to stay, though we should expect significant volatility for the foreseeable future.
As people increasingly value cryptocurrencies and drive up their valuations, we should expect cybercriminals to put more and more effort into stealing them.
Attackers are taking advantage of the increased interest in cryptocurrencies for monetary gain. They use all kinds of mechanisms like exploits, phishing and spam campaigns, adware, drive by download, etc to increase their outreach and maximize profit.
We have seen several different types of malware that target systems for cryptocurrency mining purpose. We expect to see much more malware actively stealing cryptocurrency from weakly protected wallets, shimming password entry to wallets, stealing offline wallets for brute forcing, or using credentials stolen from the same user.
We also see cryptocurrency exchanges being targeted by criminals, both for direct financial gain as well as the theft of customer information.
(Delhi based bitcoin exchange firm Coinsecure lost bitcoins worth Rs 20 crore after most of its wallets were hacked this month)
Q: With its crazy valuations, Bitcoin (the most popular cryptocurrency) seems to be getting a bad rap right now, but how do you see its future valuation? Are the peak, near $19,000 valuations likely to come back?
A: I have no idea. I’d rather not try to predict that.
Q: Which are the other promising cryptocurrencies right now?
A: I’m not sure what’s promising from a consumer standpoint, but criminals are increasingly using Monero because they believe it’s more difficult to track.
Q: What is cryptomining and why should corporations be worried about it?
A: Cryptomining is when your computer generates small amounts of currency by performing computational work. Unfortunately we’ve seen cybercriminals deploy cryptomining malware in order to unknowingly hijack the computing resources of victims.
FireEye recently found cybercriminals were using a new vulnerability to compromise web servers in order to install crypto-mining software. We have observed this campaign targeting India as well at large scale ranging from companies to home based users.
Instead of targeting specific organizations, the attackers involved in cryptocurrency mining operations mainly exploit opportunistic targets, which implies that the targeting calculus of these attacks is indiscriminate in nature.
Q: There is also a lot of hype around blockchain technology right now. How do you see the practical usage of blockchain in different industries?A: It’s difficult to overstate the hype for blockchain technology right now. I think it’s overdone. If we come back to this topic in several years, I think we’ll see how few uses actually materialize in the market.