Kaspersky Lab's Head of Commercialization: We 'Continue to Monitor' Cryptojackers & North Korean 'Threat Actors'

Vitaly Mzokov, the head of commercialization at Kaspersky Lab, a leading Moscow-based global cybersecurity and anti-virus solutions provider, recently shared his views with CryptoGlobe regarding the main security threats related to decentralized cryptocurrency platforms such as the Bitcoin (BTC) network.

Mzokov, who’s also the head of verification and growth center at Kaspersky Lab, revealed that “the main threats cryptocurrency owners may face” include “phishing, such as replicas of crypto-exchange sites or sites of projects that collect cryptocurrencies” for upcoming initial coin offerings (ICO). He added that “even if the user is careful and everything is done correctly, the stock [or crypto] exchange can be hacked and funds can be stolen. The same goes for landing pages of the ICO projects.”

According to the mathematics and computer science postgraduate from Tyumen State University, “malicious code can be injected in different open-source websites or repositories, from which it can compromise different systems.” Other attack vectors include installing “malware, which replaces the address of the wallet at the time of sending cryptocurrency”, Mzokov noted.

North Korea "Had Successfully Compromised Several Banks"

Additionally, the cybersecurity expert confirmed that hackers may use “spyware that can help an attacker to get a private key from a wallet by spying on the user (by taking screenshots, for example).” In response to a question about any updates or latest information regarding North Korean hackers allegedly stealing cryptocurrency from other countries, Mzokov said: 

In August 2018, Kaspersky Lab published a report on how the Lazarus threat actor, which has been linked to North Korea, had successfully compromised several banks and infiltrated a number of global cryptocurrency exchanges and fintech companies in an operation named Apple Jeus.

He added that Kaspersky Lab continues to monitor Apple Jeus and other threat actors in the crypto space. When asked whether he expects cryptojacking, or selfish crypto mining, to remain a threat this year and in the future, he remarked:

Yes, we consider cryptojacking a threat that will remain of relevance at least in the near future, as the profit is easy to monetize and cryptocurrencies remain more valuable than the cost of such an attack. This year we have seen a large botnet that was mining Electroneum.

How To Prevent Cryptojacking

Mzokov also noted that “Monero (XMR) is still [a] popular [choice among cryptojackers] as it is a valuable currency, plus it is an anonymous blockchain so its transactions are untraceable. Yet everything can change if its price falls.” When asked about preventive measures we can take to avoid being a victim of cryptojacking, Mzokov recommended the following:

Install a high-quality security solution that can protect you against Trojans downloading miners. Miners themselves are not malicious applications, as users can intentionally install them. Kaspersky Internet Security detects such applications, but does not block or remove them by default. It puts them into the riskware category — software that is legitimate but can be used for malicious purposes.

Responding to a question about how to prevent clipboard/keyboard hackers from stealing users’ private SEED and other personal information, Mzokov explained:

It is vital to have a proven security solution installed on your devices. Apart from that, it’s necessary to double-check the entered crypto address, or at least several characters in them in the beginning and in the end. Also, many stock (crypto) exchanges have begun to introduce a practice where users can only transfer their funds to a previously confirmed wallet. If a transfer is requested to a final recipient that is different from the one initially confirmed, the exchange will not allow the transaction until you have confirmed approval.

Peter Schiff Admits to Entering PIN Instead of Password for His Blockchain Wallet

Siamak Masnavi

On Wednesday (January 22), famous gold bug Peter Schiff finally admitted that he lost access to the bitcoin held in his Blockchain Wallet because he had misunderstood how this wallet works. However, not all the blame for this incident should be placed on Schiff.

Schiff is the CEO of Euro Pacific Capital, a full-service, registered broker/dealer specializing in foreign markets and securities, and founder and Chairman of SchiffGold, a full-service, discount precious metals dealer. He is also a man who is extremely bullish on gold, bearish on the U.S. dollar, and highly skeptical about Bitcoin.

On 4 July 2019, Schiff revealed that he owned some Bitcoin (BTC), Ether (ETH), and Bitcoin Cash (BCH), and said that he was going to HODL his bitcoin no matter what happens to the Bitcoin price.

Then, last Sunday (January 19), Schiff took to Twitter to express his anger with Bitcoin after allegedly losing access to the crypto wallet that holds his bitcoin:

Although Schiff said at the time that the wallet app he was using -- which we now know was the iOS version of Blockchain Wallet (made by Blockchain.com) -- had "somehow" become "corrupted" and that is why his password -- which he was sure of remembering correctly -- was being rejected, most people in CryptoTwitter seemed to believe that this was just a case of a "boomer" who has simply forgotten his wallet's password:

Erik Voorhees, Founder and CEO of ShapeShift, whom Schiff claims was the person who set up Schiff's wallet in the first place, says that it is Schiff who is to blame (and not Bitcoin) for forgetting his password and not making a note of his wallet's recovery phrase:

However, last night (January 22), three days after first reporting the loss of access to his entire Bitcoin holdings (which had mostly been gifted to him by members of the crypto community on Twitter), Schiff admitted that this situation was not due to a corrupt wallet but the fact that he had been confused about the concepts of PIN and password for his Blockchain Wallet; what made things worse was that he did not know/have either the password or the 12-word backup/recovery phrase:

Having spent some time playing with the Blockchain Wallet, here is one possible explanation for what really happened. 

When you create a new Blockchain Wallet, you are asked to specify an email address (which acts as your username), a password (which is needed in case you ever log out or are logged out of your wallet), and a 4-digit PIN (which the wallet app asks for -- if you have not set up biometric authentication -- whenever it is restarted, in order to "decrypt" your wallet).

It is essential to note that the Blockchain Wallet does not force the user to record a 12-word or 24-word recovery/seed phrase at the time that the wallet is being created, i.e. this step is optional. After the wallet has been created, you need to go to the app's menu and choose "Backup Funds", at which point you are asked to write down each of the 12 words of the "backup phrase" the app assigns to your wallet.

So, if Schiff is telling the truth about never knowing the password or the backup phrase, then it looks like the person who created the wallet for him (i.e. Voorhees) may not have told Schiff the wallet's password and not told him to make a note of the backup phrase.

Therefore, we can certainly blame Schiff for not bothering to understand how his wallet works, but it is also true that developers of crypto wallets need to do more to improve wallet usability in order to prepare for the mainstream adoption of crypto.