In today’s digital world, one cannot ignore cybersecurity. A single security breach can expose the personal information of millions of people. Such breaches have a strong financial impact on companies and cost them the trust of their customers. Hence, cybersecurity is essential to protect businesses and individuals from spammers and cyber criminals.
The Scale of the Cyber Security Threat
According to Cybercrime Magazine, cybercrime will cost the world $10.5 trillion annually by 2025! Furthermore, global cybercrime costs are predicted to rise by almost 15 percent yearly over the next four years. Factors such as the pandemic, cryptocurrency, and the rise in remote working are coming together to create a target-rich environment for criminals to take advantage of.
$70K is stolen in a five-month campaign by a cryptocurrency scam app masquerading as WalletConnect
A malicious Android app on the Google Play Store has been discovered, allowing attackers to steal around $70,000 in cryptocurrency from victims over nearly five months. The app, identified by cybersecurity firm Check Point, masqueraded as the legitimate WalletConnect open-source protocol to trick users into downloading it.
The app achieved over 10,000 downloads by ranking high in search results. It is the first time a cryptocurrency drainer has exclusively targeted mobile device users. Over 150 users are estimated to have fallen victim to the scam.
The campaign involved distributing a deceptive app that went by the names “Medtox Calculator,” “WalletConnect – DeFi & NFTs,” and “WalletConnect – Airdrop Wallet.” The app was popular in Nigeria, Portugal, and Ukraine, and was linked to a developer named UNS LIS.
The developer has also been associated with another Android app called “Uniswap DeFI” that remained active on the Play Store for about a month between May and June 2023. Both apps can be downloaded from third-party app store sources, highlighting the risks posed by downloading APK files from other marketplaces.

Once installed, the fake WalletConnect app redirects users to a bogus website based on their IP address and User-Agent string and, if they meet its criteria, redirects them a second time to another site that mimics Web3Inbox. Users who don’t meet the required criteria are taken to a legitimate website to evade detection, effectively allowing the threat actors to bypass the app review process in the Play Store.
The core component of the malware is a cryptocurrency drainer known as MS Drainer, which prompts users to connect their wallet and sign several transactions to verify their wallet. The information entered by the victim is transmitted to a command-and-control server, which sends back instructions to trigger malicious transactions on the device and transfer funds to a wallet address belonging to the attackers.
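The redirect behaviour described above, where the destination depends on the visitor's IP address and User-Agent, can be surfaced by comparing where the same entry URL lands under different client profiles. The following is an added example, not code from Check Point or from the original article; the URLs, profile names and observations are constructed, and the two-label domain heuristic is an assumption made for brevity.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed observations (not real data): the same entry URL requested by an
# analysis sandbox under different client profiles, with the redirect chain seen.
OBSERVATIONS = [
    {"entry": "https://app-backend.example/start",
     "profile": "datacenter-ip/desktop-ua",
     "chain": ["https://app-backend.example/start",
               "https://legit-project.example/"]},
    {"entry": "https://app-backend.example/start",
     "profile": "residential-ip/android-ua",
     "chain": ["https://app-backend.example/start",
               "https://gate.example/check",
               "https://inbox-lookalike.example/connect"]},
    {"entry": "https://news.example/",
     "profile": "datacenter-ip/desktop-ua",
     "chain": ["https://news.example/", "https://www.news.example/home"]},
    {"entry": "https://news.example/",
     "profile": "residential-ip/android-ua",
     "chain": ["https://news.example/", "https://m.news.example/home"]},
]

def site(url):
    """Last two host labels: a rough stand-in for the registrable domain.
    Assumption for this example; real tooling should use the Public Suffix List."""
    host = urlsplit(url).hostname or ""
    return ".".join(host.lower().split(".")[-2:])

def find_cloaking(observations):
    """Return entry URLs whose final landing site differs between profiles."""
    landings = defaultdict(dict)  # entry URL -> {profile: landing site}
    for obs in observations:
        landings[obs["entry"]][obs["profile"]] = site(obs["chain"][-1])
    # Keep only entries where the profiles disagree on the destination site.
    return {entry: by_profile for entry, by_profile in landings.items()
            if len(set(by_profile.values())) > 1}

if __name__ == "__main__":
    for entry, by_profile in find_cloaking(OBSERVATIONS).items():
        print("possible cloaking:", entry)
        for profile, landing in sorted(by_profile.items()):
            print(f"  {profile:28} -> {landing}")
```

A benign site that only switches between its own desktop and mobile hosts is not flagged, because both chains end on the same site.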
Stay Ahead of The Next Attack with XM Cyber

Attackers are constantly on the hunt for the quickest and easiest paths to your critical assets, using a combination of exposures such as CVEs, credentials, and misconfigurations to navigate their way through your defenses.
At XM Cyber, we understand that protecting your organization requires more than just identifying risks; it requires seeing the full picture and knowing what to fix.
A Glimpse into the Findings
Our research reveals startling insights: 75% of an organization’s critical assets are vulnerable in their current security state, and 94% of these can be compromised in just four steps or less from the initial breach point. Whether these attack paths are simple or complex, they demonstrate how crucial it is to see beyond isolated vulnerabilities and understand the intricate pathways that attackers exploit.
Key Insights You’ll Gain:
- Visualization of Attack Paths: Understand how vulnerabilities, misconfigurations, and overly permissive roles create exploitable routes to your critical assets.
- Prioritization with Context: Learn how to prioritize your security efforts by seeing how issues interconnect and pave the way for potential breaches.
- Dynamic Defense Strategies: Discover the dynamic nature of attack paths and how to anticipate and mitigate threats effectively.
The security of any organization starts with three principles: Confidentiality, Integrity, and Availability. Together these are called the CIA triad, which has served as the industry standard for computer security since the time of the first mainframes.
Fig: CIA triad
- Confidentiality: The principles of confidentiality assert that only authorized parties can access sensitive information and functions. Example: military secrets.
- Integrity: The principles of integrity assert that only authorized people and means can alter, add, or remove sensitive information and functions. Example: a user entering incorrect data into the database.
- Availability: The principles of availability assert that systems, functions, and data must be available on demand according to agreed-upon parameters based on levels of service.
“Don’t wait for the breach to teach.” Cybersecurity threats are a pervasive and ever-present danger in today’s digital landscape. By understanding the nature of these threats, empowering individuals with knowledge and awareness, and implementing robust defense strategies, we can navigate the digital realm with confidence and security.