In the 2021 RSA conference, the best cybersecurity industry came together to present numerous ideas on how to stop cybercriminals from carrying out their crimes.
At the other end, the cybercriminals were holding their formal event intended to share knowledge on how to perpetuate those crimes.
Cybercriminals Running Contest for Cryptocurrency Hacks
The top Russian-language cybercrime forums have been running a “contest,” calling on its community to submit “unorthodox” ways to conduct cryptocurrency attacks.
“The forum’s administrator called for papers that covered unorthodox ways to steal private keys and wallets, unusual cryptocurrency mining software, smart contracts, non-fungible tokens (NFTs) and more.”
The administrator declared $100,000 in prizes would be awarded to winners. Subsequently, a reputable forum member added $15,000 to the prize pool.
It is said that one entry looked at manipulating APIs from popular cryptocurrency-related services or decentralized-file technology to obtain private keys to cryptocurrency wallets.
Another submission detailed how to create a phishing website that allowed criminals to harvest keys to cryptocurrency wallets and their seed phrases (a list of words that store all the information needed to recover lost cryptocurrency).
Two popular forums have been called, including mobileOS botnets, ATM and POS cracks, and fake GPS signals, among others. Prizes up to $10,000 were awarded to the “best” research, while entrants earned $50 just for submitting.
Furthermore, operators of various ransomware-as-a-service groups, including REvil and LockBit, have hosted their own contests where forum members submit papers on various topics that could potentially help further their crimes.
Benefits of the Contest
It is mentioned that this contest is a prime example of why organizations need to proactively monitor cybercrime underground.
It is also an illustration of how cybercriminals can be quicker than defenders. Forums not only serve as a marketplace but also usher in and promote innovations and cutting-edge approaches that do not need to get technical approval before being used to carry out crimes.
The biggest takeaway from the defender side is that we can take advantage of these open contests, to gain an understanding of current and emerging methodologies and tactics that we can prepare for. It illuminates things for us and helps to level the playing field”, said Michael DeBolt, Intel 471’s Senior Vice President of Global Intelligence.
Therefore, businesses need to proactively watch the underground to plan for how criminals may target their business-critical functions with information from contests, like the one discovered above, to devastate their organization.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
%20(1).webp "Hackers Offering Admin Access to 3000 Fortinet SSL-VPN"){kind=small}
