- U.S. and U.K. government agencies jointly release a report warning about a new malware, known as Infamous Chisel, that targets crypto wallets and exchanges.
- This malware has been linked to Sandworm, a cyberwarfare group affiliated with Russia’s military intelligence, the GRU.
- Nearly $1 billion lost to cybercrime in 2023 so far, according to blockchain security firm CertiK, with a monthly decline in losses noted in August.
Cryptocurrency investors have a new menace to look out for. Security agencies from both sides of the Atlantic have come together to unveil disturbing information about a fresh malware known as Infamous Chisel. The U.S. National Security Agency, Cybersecurity and Infrastructure Security Agency, and Federal Bureau of Investigation have teamed up with the United Kingdom’s National Cyber Security Centre to issue this pressing report.
The alarm bells ring even louder given that this new malware has ties to Sandworm, a notorious cyber group working for the GRU, Russia’s military intelligence unit. This cyber unit has previously been involved in breaching Android devices used by the Ukrainian military to extract valuable data.
What makes Infamous Chisel exceptionally concerning is its sweep: it doesn’t discriminate by file type when plundering data. The malware is particularly aggressive in scraping the directories of crypto trading platforms like Binance and Coinbase, along with Trust Wallet, extracting all kinds of data it can get its virtual hands on.
Interestingly, Infamous Chisel doesn’t waste much effort on hiding its operations. Typically, malware is designed to operate covertly to avoid detection. Infamous Chisel, on the other hand, blatantly proceeds with its malicious tasks. The report speculates that this overt behavior could be because Android devices generally lack strong host-based detection systems, so the malware can operate without advanced stealth tactics.
This report comes at a time when the cybersecurity landscape is more treacherous than ever. Blockchain security company CertiK revealed that just in 2023, close to $1 billion has already been drained from various digital sources due to hacks, scams, and other nefarious activities. August alone saw $45 million in losses, which surprisingly is a dip compared to July, when the digital underworld made off with $486 million.
This collaborative report serves as a critical reminder to everyone—especially cryptocurrency investors—to elevate their digital security measures. With Infamous Chisel linked to an entity as powerful as Russia’s military intelligence, the message is clear: cybersecurity threats are evolving, and vigilance is non-negotiable.
Crypto Hacks Fuel Global Concerns
In an unsettling trend that adds to global cybersecurity worries, state-sponsored hackers from Russia and North Korea are increasingly linked to high-profile cryptocurrency heists. These sophisticated cybercriminals use a blend of technological prowess and cunning tactics to breach security systems, reaping substantial rewards in untraceable digital currency. North Korea’s notorious Lazarus Group has been particularly active, utilizing the funds from these illicit activities to bolster the country’s sanctioned ballistic missile program.
Meanwhile, Russian entities, which were recently implicated in a money laundering scheme involving North Korean hackers, continue to exploit the anonymity and lack of regulation in the crypto sector for various motives including financial gain and possibly economic destabilization. The persistence of these cyber-attacks, despite law enforcement efforts, underscores the dual challenges of international legal loopholes and the inherent vulnerabilities of cryptocurrency platforms.