Trojans targeting crypto exchanges and cryptomining malware among top cyber threats in Switzerland
Cryptominer malware “Monerominer” is the sixth most significant malware in Switzerland for the first half of 2018.
The 27th semi-annual report of the Reporting and Analysis Centre for Information Assurance (MELANI) was published today, addressing the most important cyber incidents of the first half of 2018 in Switzerland and abroad.
In the first half of 2018, there were numerous infections with criminal software (crimeware) in Switzerland, the report says.
As in previous years, the majority of cyber incidents in Switzerland were due to the “Downadup” malware (also known as “Conficker”). This worm has been around for over ten years and is spread via a security vulnerability in Windows operating systems that was discovered in 2008. The corresponding patch has also been available since 2008. The second place goes to “Gamut” – a spam malware which appeared to be responsible for 37% of the international spam volume in the last quarter of 2017. The “Gamut botnet” mainly sends job offer spams for the purpose of money mule recruitment. In third place is “Gamarue” – also known as “Andromeda”. This is a downloader that can download additional malware. In fourth and fifth place follow the malware “Spambot” and “Stealrat”. These two are also responsible for sending spam.
The sixth place is for cryptominer malware “Monerominer” and the ninth place is for e-banking Trojan “Gozi”. Currently, Gozi seems to be targeting not only e-banking systems, but also offline payment software and cryptocurrency exchanges. Interest in these modern targets seems to be a major trend for the near future, the report says.
The e-banking Trojan “Dridex” is also widespread in Switzerland. It is a computer worm that first appeared in 2012 under the name “Cridex”. In July 2016, “Dridex” expanded the modus operandi to offline payment systems. Since 2016, Dridex has also been targeting crypto currency exchanges. This year the number of targets in the configuration files has increased.
At present, Switzerland has no regulations regarding the buying and selling of virtual currency units or their use as a means of paying for goods and services. Put otherwise, no special approval is required for these activities. This applies to everyone who pays with a virtual currency or buys units of it as well as to all those who accept payments in a virtual currency or sell units of it. This does not mean, however, that there are no risks in using or investing in virtual currencies given that they are subject to significant price fluctuation and there may be uncertainties regarding the currency issuer. Currently, it remains unclear whether claims to virtual currencies can be asserted under civil law.
In July this year, the Swiss Financial Market Supervisory Authority (FINMA) said it had commenced enforcement proceedings against envion AG. FINMA explained it possessed evidence that the company may have violated financial market law in relation to an initial coin offering (ICO).
The proceedings focus on possible breaches of banking law resulting from what is suspected to be unauthorised acceptance of public deposits in connection with the ICO for the EVN token. Investigations carried out by FINMA to date indicate that, in the context of its ICO, envion AG accepted funds amounting to approximately one hundred million francs from more than 30,000 investors in return for issuing EVN tokens in a bond-like form.