Cyber criminals are not done yet. After the attack that shut down cryptocurrency exchange Mt. Gox in March, another malicious campaign, this time in the form of phishing, is targeting hundreds of finance, media, and technology organizations, among others.
The campaign came to light following an investigation by security firm Proofpoint. The company said a phishing campaign aimed at stealing Bitcoin credentials has been sending tens of thousands of bogus messages to more than 400 organizations in those industries.
Blockchain.info, another popular Bitcoin exchange, claims it has seen an increase of 500 percent in wallet users since 2013, bringing the total number of wallet holders to more than two million. In addition, the Bitcoin wallet website says it is processing more than 30,000 transactions every day.
According to Proofpoint's findings, a fake source sends the target an email that pretends to come from a legitimate authority, warning the user of a potential hijacking of his or her account on a Bitcoin exchange. The alleged hijacking is said to be perpetrated by hackers from China, capitalizing on fears of China-based hacking. To make the message look more convincing, the phisher also includes a unique identifier that lends it an air of legitimacy.
The email includes the date on which the hacking attempt purportedly took place and the IP address of the hacker. As in a security advisory from a legitimate source, the message includes a link for the user to reset the password of his or her Bitcoin account. In reality, the link in the fake Blockchain.info message redirects the user to a phishing site that, if the ruse succeeds, logs the username and password of the unsuspecting user.
The phishing campaign also varied its URLs and .com domains in order to work its way around the spam detection systems of email providers.
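Because the sending and landing domains keep changing, a blocklist of known-bad URLs lags behind; a check that holds up better is whether a message that invokes the brand links anywhere other than the brand's own domain. The sketch below is an added example, not code from Proofpoint or from the original article: the sample message is constructed, `blockchain.info` is assumed to be the only legitimate link domain, and the function names are hypothetical.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND = "blockchain.info"  # assumption: the only domain the real service links to

# Constructed sample lure (documentation-range IP, placeholder .example domains).
SAMPLE = """\
From: "Blockchain.info" <security@blockchain-alerts.example>
Subject: Unauthorized sign-in attempt
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>A sign-in from 203.0.113.7 was blocked on your wallet. Case ID 000000.</p>
<p><a href="http://blockchain.info.reset-wallet.example/login">Reset password</a>
or visit <a href="https://blockchain.info/wallet">your wallet</a>.</p>
"""

class LinkCollector(HTMLParser):
    """Collect href values from anchor tags."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def on_brand(host, brand):
    # Exact match or true subdomain only; a substring test would accept
    # "blockchain.info.reset-wallet.example".
    host = (host or "").lower().rstrip(".")
    return host == brand or host.endswith("." + brand)

def off_brand_links(raw, brand=BRAND):
    """Return links in a message that names the brand but point elsewhere."""
    msg = email.message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("html", "plain"))
    body = part.get_content() if part else ""
    text = f"{msg['From']} {msg['Subject']} {body}"
    if brand not in text.lower():
        return []  # message does not invoke the brand; nothing to compare
    collector = LinkCollector()
    collector.feed(body)
    return [h for h in collector.hrefs if not on_brand(urlsplit(h).hostname, brand)]

if __name__ == "__main__":
    print(off_brand_links(SAMPLE))
```

The check compares the parsed hostname rather than searching the URL string, so a lookalike that merely begins with the brand name is still flagged.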
Needless to say, this allows the hackers to gain access to your wallet on Blockchain and transfer credits to another account that they control. According to Blockchain, nearly three percent of those redirected to the phishing site clicked on the bogus login page and unwittingly gave up their credentials.
This incident is a clear illustration of the risks Bitcoin has posed to its users, beginning with the hacking of Mt. Gox. Part of what contributes to the lax security of the Bitcoin industry is the lack of regulation. It is a multi-billion dollar business that could collapse at any time at the hackers' fingertips.