The gradual increase in popularity of Bitcoin over the last 12 months has been great for those who jumped on the bandwagon back in 2009. However, as with all industries that start to gain some coverage in the mainstream media, security has now become an issue for Bitcoin business owners and users.
Although the industry has never been impervious to attacks from cybercriminals, a recent spate of incidents has prompted some security experts to issue a warning to the cryptocurrency world. Noted by a number of security firms, a new wave of phishing scams appears to be targeting Bitcoin users.
Phishermen Using Bitcoin as Bait
It’s estimated that approximately 100 phishing and typosquatting sites, targeting Bitcoin users, have been set up since the start of 2016. Essentially, criminals are looking to exploit the growth in Bitcoin through the use of websites that trick people into giving away their personal details.
The most recent example of this surge in Bitcoin deception is blockchain[.]info. Designed to be a malicious mirror of the legitimate and popular Blockchain.info, this phishing site came to the attention of security teams after the domain started to gain increased exposure through a Google AdWords pay-per-click scam.
And this isn’t the only site attempting to trick Bitcoin users, with a variety of domains featuring suspicious formats and spellings starting to crop up. The list of such sites includes: blolkchain.com, blockchain-wallet.top, blokchain-wallet.info, and localbitcons.com.
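One way a Bitcoin business could screen newly seen domains for the misspellings listed above is sketched below. This is an added example, not code from the article or from any vendor it mentions; the brand list, the allowlist, the distance threshold and the function names are assumptions made for illustration.

```python
import re

# Assumptions for this sketch: the brand labels and the allowlist of real domains.
BRANDS = ("blockchain", "localbitcoins")
ALLOWLIST = ("blockchain.info", "localbitcoins.com")

def edit_distance(a, b):
    """Optimal string alignment: Levenshtein plus adjacent-character swaps."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1,         # deletion
                          d[i][j - 1] + 1,         # insertion
                          d[i - 1][j - 1] + cost)  # substitution
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[len(a)][len(b)]

def classify(domain, max_dist=2):
    """Return (verdict, brand) for one domain name."""
    domain = domain.lower().strip(".")
    if any(domain == ok or domain.endswith("." + ok) for ok in ALLOWLIST):
        return ("legitimate", None)
    # Drop the last label (treated as the TLD; no public-suffix handling here),
    # then split the remaining labels on hyphens so "x-wallet" yields "x".
    tokens = [t for label in domain.split(".")[:-1]
              for t in re.split(r"[-_]", label) if t]
    for token in tokens:
        for brand in BRANDS:
            if token == brand:
                return ("brand-on-other-domain", brand)
            if edit_distance(token, brand) <= max_dist:
                return ("lookalike", brand)
    return ("unrelated", None)

if __name__ == "__main__":
    # Domains quoted in the article, plus two constructed controls.
    for name in ("blolkchain.com", "blockchain-wallet.top", "blokchain-wallet.info",
                 "localbitcons.com", "www.blockchain.info", "example.org"):
        print(name, classify(name))
```

A check like this fits in a mail gateway, proxy log review or a feed of newly registered domains; string distance alone will not catch a name that matches the real one character for character, so the exact-match allowlist remains the authority.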
Learning to Beat the Bitcoin Bad Guys
Naturally, passing this information on to the wider community is the first line of defence for Bitcoin businesses and users, but it’s unlikely future attacks will rely solely on phishing scams. Modern hackers have a myriad of ways to infect sites and steal personal information from people. With this in mind, let’s quickly run through some of the more common attacks that could be used against the Bitcoin community:
Remote File Inclusion: Used to target web applications that dynamically reference external scripts, a remote file inclusion attack exploits a weakness in the referencing function so that a vulnerable site loads the attacker’s malware. In this way the attacker can upload a backdoor shell that can compromise site content, hijack servers or steal personal data.
Cross-Site Scripting (XSS): In a cross-site scripting attack, a vulnerable web application accepts untrusted data and sends it to a web browser without the necessary validation. Essentially, this allows a hacker to execute scripts in the victim’s browser, which can then be used to steal personal data, deface sites or redirect the user.
Cross-Site Request Forgery (CSRF): A cross-site request forgery forces a victim’s browser to send forged HTTP requests to a vulnerable web application. The result is that the website is tricked into believing that the attacker’s requests are legitimate. These requests are then authenticated, and the attacker can do as they please on the site.
Knowledge + Software = Protection
Of course, knowing more about the most likely forms of attack is a solid way to protect your business and, therefore, your customers. However, this isn’t enough on its own.
Modern security is now moving towards cloud-based technology, and web application firewalls (WAFs) are the recommended way to protect your site against the OWASP Top 10 threats. In addition to being able to monitor and filter out malicious requests, WAFs are seen as an affordable solution.
Because they are cloud-based, WAFs are more flexible, more efficient and more cost-effective. For Bitcoin businesses this sort of protection should now be seen as par for the course; especially in light of recent attacks.
Indeed, as Bitcoin continues to grow in popularity, the amount of interest from hackers is bound to increase. While the latest attacks are currently being monitored, there are potentially hundreds more that we don’t know about. Fortunately, modern technology makes it easier for attacks to be averted, but only if Bitcoin businesses are prepared to invest in the right technology.