According to ThreatMetrix, the world of cryptocurrency has moved from being the playground of the criminal underworld to be a prime target for attacks on legitimate transactions.
The security company warns that fraudulent new accounts are created using stolen or synthesised identities to set up mule accounts to launder money.
And additionally, legitimate accounts are being hacked to make fraudulent payments and transfer cryptocurrency balances out when at their highest value.
The warnings about cryptocurrencies come as Threatmertrix reveals a 113% year-over-year increase in cyber attacks in the fourth quarter of 2017, as both the volume and the nature of attacks change.
The report also revealed an increased volume of attacks apparently originating from Russia and Vietnam, using both automated bots and location spoofing tools.
In fact, for the very first time, ThreatMetrix says Russia appears to have emerged as a top attack originator, with the majority of incidents targeting ecommerce retailers in the US.
In addition, Vietnam appeared to be one of the top five attack originators for the first time, with a strong concentration of bot attacks on global merchants – with attacks from Vietnam targeted leading businesses in the US, UK, Australia, Singapore and Japan.
According to ThreatMetrix, key shopping days in Q4 over the holiday season saw up to two million bot attacks apparently coming from Russia alone.
“These persistent, but increasingly sophisticated, attacks were primarily targeting top American retailers,’ ThreatMetrix notes.
The number of attacks on eCommerce during the fourth quarter of 2017 was 113% of the volume of attacks across all industries in the previous quarter, underscoring what ThreatMetrix says was the pressure retailers are under during this period. Almost 193 million transactions were rejected as fraudulent, representing a 173% increase over the previous year.
ThreatMetrix says the quarter also saw heavy bot activity from across the globe with more than 34 million attacks during the peak holiday shopping period.
In addition to these 34 million attacks, ThreatMetrix says it recorded about 800 million bot attacks throughout the quarter, ranging from simple account validation attacks to sophisticated bots attempting to masquerade as legitimate customer traffic.
Other key highlights from the report include:
- ThreatMetrix detected and stopped 251 million attacks in real time last quarter, as the overall attack rate grew 50% year-on-year.
- Fifty-two percent of all online transactions now come from mobile devices, a 54% increase from two years ago.
- Fifty-eight percentof all account creations are now done on a mobile device, and attacks on mobile account creations grew 150% since the start of 2017.
- Cross-border transactions continue to grow quarter-on-quarter: 30% of transactions are now cross-border, up from 25% at the beginning of 2017.
- The ThreatMetrix Digital Identity Network analysed more than 610 million transactions during the peak holiday shopping days around Black Friday.
- Bot attacks have reached unprecedented levels this quarter, with 840 million bot attempts detected and blocked.