Are Bitcoins Safe from Hackers?
If your account isn’t traded in the underground, are you safe?
We’ve received a lot of feedback on our recent post about what’s being traded in the underground economy, with a lot of people wondering what information isn’t being traded and why. Naturally, the fact that a certain type of account is being traded by hackers in the underground means it’s being targeted by cybercriminals… But does that mean information that isn’t being targeted is safe?
Unfortunately, other information that lives online and isn’t commonly traded in the underground economy is still at risk. Let’s take a look at two types of personal details that aren’t normally traded in the underground and explain why they’re still at risk.
While they’re not traded in the underground, Bitcoin wallets’ private keys and the credentials for web wallet services are quite lucrative to hackers. The reason they are not traded is rather straightforward: Bitcoin equals cash, and you simply don’t trade cash.
In the early days of the underground communities, hackers used an e-currency service called e-gold, which was shut down by the U.S. government in 2008, to facilitate trade. After it was shut down, hackers migrated to Russian-based service WebMoney. However, when WebMoney implemented methods that made illegal trading harder for cybercriminals, they migrated to a new service, Liberty Reserve, which became the standard currency in the underground.
In May 2013, U.S. law enforcement agencies seized and shut down libertyreserve.com. Afterward, it wasn’t so much a question of whether cybercriminals would migrate to another service, but rather which service it would be. After the dust settled, Bitcoin became the new and present e-currency of choice in the underground economy.
This means that the end goal for cybercriminals is to obtain Bitcoins, whether by selling services and credentials or by legally funding Bitcoin accounts so they can buy things from vendors. The whole process is pretty simple: when a hacker gains access to a compromised Bitcoin wallet, all he or she needs to do is transfer funds to his or her own account.
Why aren’t Bitcoins traded in the underground? Because Bitcoins are today’s “Dumps + PINs.” As discussed in our recent post, “dumps” are the raw information on the magnetic strip which can be used by encoding the data on a fake card and going to a brick-and-mortar merchant to buy goods (also known as “carding”). This information can’t be used at an ATM because it’s missing the associated PIN code. “Dumps + PINs,” however, have all the required data to go to the ATM, but they’re sold by hackers trying to rip off unsuspecting underground buyers. After all, any hacker can go to the ATM, enter the encoded card and PIN numbers and safely and immediately get cash out. So why would anyone sell those credentials to someone else?
Social media accounts
While it is possible to find social media account information being traded in the underground every now and then, that information isn’t as popular with cybercriminals as other credentials. This may come as a surprise, considering all the news stories about Twitter and other account types being hacked. Still, the reason you won’t find these types of credentials traded often is that the cybercriminals trading credentials in the underground aren’t typically the same people as those seeking to steal people’s identities.
Hacktivists, for example, often target social media accounts but do not participate in the underground economy. Only recently we discussed the CENTCOM hack, in which the Twitter and YouTube accounts of the U.S. Central Command were breached by hacktivists who support ISIS. While it is possible to make money off stolen social media accounts, that’s typically not hacktivists’ main motivation. The methods used to make money from stolen social media accounts are also not often used by the same people who target credit cards and online banking accounts.
To sum up, the underground economy does not represent the “sum of all threats” that exist online, but rather focuses on a more specific type of cybercriminal. There are cases where certain targeted credentials are not traded simply because they are worth more when exploited than when traded. The working assumption should be that all accounts are targeted and are at risk, and measures should be taken to ensure their safety. Time will tell whether information that isn’t much of a commodity in the underground economy today (like Bitcoins, for example) will one day become more valuable to hackers. What’s your guess on whether Bitcoins will one day be traded, and if so, when?