Cb Connect 2018 | Power of You | Register Now

Carbon Black Threat Report: Cryptocurrency Gold Rush on the Dark Web

Rick McElroy
June 7, 2018 / Rick McElroy

Cryptocurrencies. A decade ago, names such as Bitcoin, Dash, Etherem, and Monero were merely buzzwords. Fast forward to today, and they’ve become as recognizable as the U.S. dollar and the Euro. In many realms, these digital currencies are ushering in a new era of investing – a modern gold rush, albeit in digital form.

As was the case during the physical gold rush in the mid-1800s, there are criminals looking to exploit innocent parties of their earnings. Carbon Black has found that modern-day cybercriminals are increasingly using the dark web to facilitate cryptocurrency theft on a large scale.

During the past six months, Carbon Black looked into the dark web to determine how cryptocurrency malware is being bought and sold, fostering a burgeoning economy designed to pilfer some of the most popular cryptocurrencies on the market.

Click here to download the full report

Key Research Findings

Our research uncovered a total of $1.1 billion in cryptocurrency-related thefts during the past six months. 

We evaluated open source reporting for a six-month period to identify and quantify the largest threats posed from cryptocurrency-related crimes. During this process, we identified more than $1,148,763,000 in losses over the six-month period.

To quantify this figure, we looked at the most recent data from the United States Federal Bureau of Investigation’s (FBI) Internet Crime Center (IC3) that reported $1.3 billion in victim losses from internet crime for all of 2016.

There are currently an estimated 12,000 dark web marketplaces selling approximately 34,000 offerings related to crypto theft.

Click here to download the full report

These malware offerings range widely in price, from as low as $1.04, to as high as $1,000 per offering. The average listing price was $224, while the “sweet spot” for pricing was around $10.

The listings are riddled with phrases that emphasize the sheer simplicity in using these tools. The phrases are not something we typically expect to see in offerings geared toward sophisticated actors.


The available dark web marketplaces represent a $6.7 million illicit economy built from cryptocurrency-related malware development and sales.

Click here to download the full report

Data collected by our research detailed a number of victims and sectors most affected by cryptocurrency-related crime. Of the identified attacks, we concluded that cryptocurrency exchanges are the most vulnerable target for cybercriminals. Attacks on these exchanges account for just over 27% of all reported incidents. These exchanges represent prime targets for cryptocurrency theft, fraud and harvesting of user information for follow-on targeting by these same criminals.

The full report includes a number of recommendations for how to avoid victimization from lurking cybercriminals looking to make quick coin as well as a revised “Cyber Kill Chain” related to cryptocurrency. 

Click here to download the full report

TAGS: Carbon Black / cryptocurrency / Dark Web