Over 1,500 fraudulent global resources aimed at potential crypto investors have been detected in Africa since the beginning of 2021.
Kaspersky’s research, which detected these attacks, informed that in some African countries, the threat of malicious crypto miners remains prevalent. It pointed out that currently in South Africa, the share of users targeted by malicious crypto miners in H1 2021 was 0.60 per cent. In Kenya, the share of all users targeted was 0.85 per cent and in Nigeria, 0.71 per cent.
During this period, Kaspersky, which detected these gaps, said it prevented more than 70,000 user attempts globally, to visit such sites.
Kaspersky, a global cybersecurity and digital privacy firm, said common schemes used by cyber criminals include creating fake cryptocurrency exchange websites, wherein this case, the user is allegedly given a coupon for replenishing an account on a crypto exchange. It however said, to use it, users must carry out a verification payment of usually no more than 0.005 Bitcoin (about $200), which becomes the cybercriminals’ profit.
According to it, the scheme also includes sending messages about fake sales of video cards and other equipment for mining and creating phishing pages with various content to steal private keys, which allow cybercriminals to gain access to all digital assets associated with a crypto wallet.
Globally, the firm said cryptocurrency mining malware wreaked havoc in 2018, infecting more than five million people in the first three quarters of that year.
Speaking on the specific targets, Enterprise Sales Manager at Kaspersky in Africa, Bethwel Opil, said: “Although these percentages may be interpreted as low and may not seem significant to users, crypto-miner malware has been identified as one of the top three malware families rife in South Africa, Kenya, and Nigeria at present, which we believe emphasises that, as cryptocurrency continues to gain momentum, more users will likely be targeted.”
According to Kaspersky, in certain African countries, the share of all users targeted by malicious crypto miners is much higher: Ethiopia showed a share of 3.68 per cent, and Rwanda a share of 3.22 per cent.
The cyber security firm explained that when looking at the fraudulent global resources detected by it, typically, cybercriminals locate sites in popular domain zones: .com, .net, .org, .info, as well as in zones where domain acquisition is cheap: .site, .xyz, .online, .top, .club, .live.
It stressed that a distinctive feature of phishing and other types of cryptocurrency fraud is the high level of detail on phishing websites. For example, on fake crypto exchanges, real data, such as bitcoin rates, is often loaded from existing exchanges.
Kaspersky said attackers understand that people who are investing or are interested in this area are often more tech-savvy than the average user, therefore, the cyber crooks make their techniques more complex in order to get data and money from these people.
Head of the Content Filtering Methods Development department at Kaspersky, Alexey Marchenko, said lately, many have become interested in cryptocurrencies, and attackers would not pass up the opportunity to use this to their advantage.
He said at the same time, both those who want to invest or mine cryptocurrency and simply the holders of such funds can find themselves on the fraudsters’ radar.
For example, one of the schemes we recently discovered went as follows: users received a message about the sale of an exclusive Coronavirus vaccine earlier than official schedules and only for those who have Bitcoins. This type of fraud was especially prevalent when the vaccines just became available.
“The user went to the site where the contact indicated, to which it was necessary to write to pre-order the vaccine. The target then needed to make an advance payment in Bitcoins, with the money going to the cybercriminals’ account and the person receiving nothing in return.”
To avoid becoming a victim of cybercriminals and the threat of malicious crypto miners, Kaspersky recommends that users do not follow dubious links from letters, messages in messenger apps and social networks; be critical of extremely generous online offers; download applications from official stores only, use a security solution that protects against phishing, scams, and prevents the installation of malicious applications.