Hacking bounties are not limited to cybersecurity professionals and their client companies. Thanks to the continuing popularity of cryptocurrency, such as the recent streak of Bitcoin and Dogecoin, demand has risen on ideas for hacking them. For the past month, a Russian underground forum has been holding a contest for unorthodox ways of hacking cryptocurrency.
A total of 115,000 US dollars is at stake for the best idea to hack cryptocurrency-related technology that will result in stolen wallets or private keys.
The ideas so far include:
- Generating a fake blockchain front-end website to capture sensitive information such as private keys and balances.
- Creating a new cryptocurrency blockchain from scratch to increase the hash rate speed of mining farms and botnets.
- Demonstrate a custom tool that parses logs for cryptocurrency artifacts from victim machines.
- Manipulate APIs from popular cryptocurrency-related services.
- Create a phishing website to harvest keys to cryptocurrency wallets and their seed phrases.
According to Michael DeBolt, Intel 471’s Senior Vice President of Global Intelligence, this proves that cybercriminals are continuing to find out technical vulnerabilities and sharing amongst themselves in an organized manner to further their interests; and that well-placed intelligence can allow authorities and security experts to take advantage of this situation by knowing and understanding the techniques and methods that they can come up with in almost real-time.