Swiss security pros warn of malware attacks on exchanges

By Tom Cleveland

November 21, 2018, 3:22 am BST

Swiss bankers have a well-earned reputation in the world of banking, and when the Swiss security professionals who support these banks issue warnings, people tend to listen very carefully. Switzerland’s Reporting and Analysis Centre for Information Assurance (MELANI), a government agency, recently released a report by its security team warning that “cybersecurity threats once focused on breaking into online banking services have pivoted to more efficiently attack cryptocurrency exchanges.”

Per one reporter: “MELANI found seminal e-banking trojan Dridex has been ramping up its crypto-focused operations. It actually first appeared in 2012 under another name, Cridex. Researchers found the number of targeted cryptocurrency exchanges in its configuration files had increased this year. Similarly, prominent malware Gozi, discovered in 2009, has evolved to suit new digital asset trends. Gozi is currently targeting cryptocurrency exchanges, after it was recorded to have used ‘malvertising’ for the first time in order to spread itself as quickly as possible.”

The term “malvertising” refers to a new technique whereby clever advertising ploys are used to trick consumers into visiting criminal servers, where malware is subsequently installed on the user’s computer. The malware then routinely reports keystroke information back for further analysis to ascertain the actual login and password credentials for sensitive financial accounts. These ads are typically displayed above search engine results, a placement that also tends to confuse the computer user.

The report also states that “A computer virus that mines the anonymous cryptocurrency Monero has been ranked as the sixth most significant malware to hit Switzerland in the first half of this year.” This particular malware is more insidious by nature, since it is also capable of downloading more malware to perform the traditional functions mentioned above, but more importantly, it “can forcibly encrypt the contents of hard drives, holding data to ransom until a payment is made (typically with cryptocurrency).”

This is not the first instance of Monero appearing in the security news regarding malware. The firm recently announced an initiative in September to combat attacks on its basic software. Many users had been unaware of the potential for ransomware that had taken advantage of Monero’s user-friendly Proof-of-Work algorithm. After assisting in the discovery of any malware present, the firm also provides remedies for removing the various types of programming code that have been used.