Cryptocurrency marketplaces that allow for trading on the full range of digital currencies, are undergoing multiple types of attacks, new research showed.
Cryptocurrency has moved from being the playground of the criminal underworld to be a prime target for attacks on legitimate transactions, according to the Q4 2017 Cybercrime Report by ThreatMetrix.
“Cryptocurrency marketplaces need a more accurate way to verify the identity of new customers who open an account in order to prevent the infiltration of criminals,” said Vanita Pandey, vice president of product marketing at ThreatMetrix. “Using intelligence from the ThreatMetrix Digital Identity Network, these marketplaces can better differentiate between good customers and fraudsters the moment they arrive, and thus see an immediate reduction in fraudulent activity on their platforms.”
Fraudulent new accounts are created using stolen or synthesized identities to set up mule accounts to launder money. Additionally, legitimate accounts are being hacked to make fraudulent payments and transfer cryptocurrency balances out when at their highest value.
The report also revealed an increased volume of attacks originating from Russia, using automated bots and location spoofing tools.
Russia emerged as a top attack originator, with the majority of incidents targeting ecommerce retailers in the U.S.
Key shopping days in Q4 over the holiday season saw up to 2 million bot attacks coming from Russia alone. These persistent, but sophisticated, attacks were primarily American retailers.
The number of attacks on eCommerce during the fourth quarter of 2017 was 113 percent of the volume of attacks across all industries in the previous quarter, underscoring the pressure retailers are under during this period. Almost 193 million transactions were rejected as fraudulent, representing a 173 percent increase over the previous year.
The quarter also saw heavy bot activity from across the globe with more than 34 million attacks during the peak holiday shopping period. In addition to these 34 million attacks, ThreatMetrix recorded 800 million bot attacks throughout the quarter, ranging from simple account validation attacks to sophisticated bots attempting to masquerade as legitimate customer traffic.
Other key elements of the report include:
• ThreatMetrix detected and stopped 251 million attacks in real time last quarter, as the overall attack rate grew 50 percent year-on-year
• 52 percent of all online transactions now come from mobile devices, a 54 percent increase from two years ago
• 58 percent of all account creations are now done on a mobile device, and attacks on mobile account creations grew 150 percent since the start of 2017
• Cross-border transactions continue to grow quarter-on-quarter: 30 percent of transactions are now cross-border, up from 25 percent at the beginning of 2017
Click here to register for the report.