

By Mark Arena, CEO of Intel 471.
I recently read an article which claimed the “criminal underworld” was dropping its use of Bitcoin. In the past month, Intel 471 has looked closely at the criminal underground to determine whether Bitcoin use remained strong and whether any up-and-coming cryptocurrencies were gaining traction or might eventually overtake Bitcoin’s current usage levels.
Overall, Bitcoin still appears to be the most popular cryptocurrency in the underground by far. Given the recent problems with Bitcoin (high fees, slow transactions, ability to track transactions), one would expect a growth of other cryptocurrencies. However, alternative cryptocurrencies still are not widely used as a payment method, at least in part because the payment and escrow systems of most of the criminal marketplaces mainly support Bitcoin only.
Anecdotally, it appears Monero is becoming more popular because:
1. It provides full anonymity; and
2. It is easier to port a miner into hidden malware for all platforms, including mobile.
We searched our platform to count the number of mentions of each cryptocurrency. Roughly, the mentions are:
· 50,000 to 85,000 for Bitcoin;
· 2,000 to 14,000 for Ethereum;
· 1,000 to 2,500 for Monero; and
· 1,000 to 2,000 for Litecoin.
Our analysis of criminal underground forum posting timelines shows that mentions of Bitcoin are growing steadily; Ethereum’s mentions are fewer, but growing slightly; Monero shows some ups and downs, but seems to be declining slightly; and Litecoin suddenly appeared in March 2017, but has been declining since.
On another note, one of the top sellers of credit cards in the underground recently wrote he was seeking to add Dash as an alternative cryptocurrency after Bitcoin, which currently is the only cryptocurrency supported there.
In summary, Bitcoin is still by far the top cryptocurrency used by criminals in the underground. More importantly, the open question is whether any cryptocurrency will overtake Bitcoin, not which cryptocurrency that might be.
