Russian underground forums launch competitions for cryptocurrency, NFT hacks

Prizes are on offer for everything from stealing wallet funds to compromising NFTs.

Cybercriminals in underground forums have been soliciting techniques for compromising cryptocurrency services.

Capture the Flag competitions, conference calls for papers, and gamification in cybersecurity courses designed to equip learners with hands-on skills are all common in the white hat realm, but in opposition, contests are also being launched by cybercriminals to create new offensive techniques.  

Over the past month, according to Intel 471, operators of Russian underground forums have been running a competition asking for papers that examine "how to target cryptocurrency-related technology."

Starting April 20, the contest requests unorthodox methods covering everything from the theft of private keys and wallets used to store cryptocurrency including Bitcoin (BTC) and Ethereum (ETH) to submissions for "unusual" cryptocurrency mining software, as well as proposals relating to smart contracts and non-fungible tokens (NFTs).

According to the team, proposals were accepted over 30 days with the forum administrator claiming that $100,000 in prizes would be awarded to the 'best' research -- and a further $15,000 was shortly added to the pool. 

Some papers were posted for the wider forum to appraise, including ways to manipulate APIs used by cryptocurrency platforms, the use of phishing websites to harvest keys and seed phrases, and more. 

Underground forum contents are nothing new, and similar forums have launched their own versions in the past asking for everything from software vulnerabilities to ATM and point-of-sale (PoS) exploits. 

However, the cryptocurrency-focused contest does highlight how the virtual alternative to fiat currency is lucrative -- despite, or perhaps because of, the volatility of some coins -- and not just because of how cryptocurrency is abused by ransomware operators.  

A security researcher kept a major Bitcoin Core vulnerability secret for two years that could be used to crash the main BTC blockchain alongside Bcoin, Btcd, and similar blockchains. This vulnerability was quietly patched before another researcher stumbled across the same issue and its existence was made public. 

Other cryptocurrency and blockchain-related security problems of note this year are Akamai's discovery of a botnet using BTC mining activities and the blockchain at large as a method of obfuscation, and the use of March's Microsoft Exchange Server zero-days to install cryptocurrency mining software on vulnerable machines.  

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0