McAfee details rise in blockchain threats, cryptocurrency attacks

McAfee's new 'Blockchain Threat Report' charts a dramatic rise in cryptomining malware and details four major attack vectors for cryptocurrency-related threats.

A new McAfee report on blockchain threats shows cryptomining malware grew more than 600% in the first quarter this year.

McAfee's "Blockchain Threat Report" details the massive increase in cyberattacks against cryptocurrency owners, exchanges and other companies leveraging blockchain as the value of those cryptocurrencies has surged over the last year. Steve Povolny, head of advanced threat research at McAfee, said the intent of the report is to create a baseline for the industry as it deals with increased blockchain threats that use many of the same attack techniques and methods of the last five to 10 years.

"We've seen an explosion in cryptocurrency value recently," Povolny said. "Hundreds of them were created in a very short time, and now we're seeing threat actors trying to capitalize on that value."

According to McAfee researchers, attackers have adopted different methods that target both consumers and businesses, but the four major attack vectors are familiar ones: phishing, malware, implementation vulnerabilities and technology. Phishing is the most familiar blockchain attack due to its prevalence and success rate, the researchers wrote. Malware, meanwhile, has exploded over the last year; the report shows the total cryptomining malware samples increased 629% quarter-over-quarter in Q1 of this year. The report also notes that malware developers began to shift from ransomware to cryptocurrency mining in the last six months with "ransomware attacks declining 32% in Q1 2018 from Q4 2017 while coin mining increased by 1,189%."

Technology attacks, as explained by the researchers, are threats like dictionary attacks that are used against cryptocurrency private keys. Lastly, implementation vulnerabilities refer to flawed deployments of blockchain technology; the report cites examples such as the 2017 attack on blockchain startup Iota, where attackers exploited cryptographic vulnerabilities to create hash collisions and forged signatures, which enabled the hackers to steal coins from users' digital wallets. Povolny stressed these vulnerabilities are not flaws with blockchain itself, which has proved to be secure so far.

The "Blockchain Threat Report" states, "In most cases, the consumers of blockchain technology are the easiest targets. Due to a widespread start-up mentality, in which security often takes a backseat to growth, cryptocurrency companies often fall in this category."

Povolny said the issue of security within cryptocurrency and blockchain creates a two-sided problem. The first side revolves around the companies that initially rushed to capitalize on cryptocurrency but didn't complete basic security checks and risk assessments; those shortcomings, which include a lack of proper access controls, make them easy targets for threat actors, he said. The second side is the financial motivation, as many cryptocurrencies' values reached all-time highs in late 2017, when Bitcoin was valued at almost $20,000 per coin, thus catching the attention of hackers. This two-sided cryptocurrency problem created a continuous cycle in which wallets and ledgers were built without a complete understanding of security risks or an implementation of security around the programs, McAfee researchers claim.

The report also notes that "recovering from cryptocurrency theft is more difficult and complicated than with most other currencies due to their decentralized nature." In order to secure a network, a tailored risk assessment should be conducted.

As industries begin to implement their own blockchain technology, users should prepare for cybercriminals to keep developing new technologies to further compromise them, McAfee researchers wrote. However, since there is not a clear understanding of where these risks are, unwarranted trust may be placed in blockchain applications. In order to keep cryptocurrency wallets safe, Povolny recommends storing them locally on a computer that lacks network accessibility and notes that we may not see people flock to a currency like this again.

Despite the increase in threats, Povolny said the surge in cryptocurrency startups and blockchain deployments is expected to continue.
