Friday, 20 December 2024

Kaspersky Warns of Rising Threat from Crypto-Draining Malware

by BD Banks

Dark web discussions around crypto-drainers – malware designed to swiftly empty cryptocurrency wallets – have significantly risen in 2024, according to global cybersecurity company Kaspersky.

The report also highlights a 40% increase in corporate database advertisements on a prominent dark web forum, signaling a rising cybercriminal focus on data breaches.

Surge in Crypto-Drainer Discussions on the Dark Web

Kaspersky Digital Footprint Intelligence has reported a sharp 135% increase in dark web threads discussing crypto-drainers, from 55 in 2022 to 129 in 2024.

The number of unique threads on drainers on the dark web.
Source: Kaspersky Digital Footprint Intelligence

These threads often revolve around acquiring, selling, and distributing malicious software or assembling teams for further distribution.

Crypto-drainers, which emerged roughly three years ago, trick victims into authorising fraudulent transactions to steal funds.

Common tactics include fake airdrops, phishing sites, malicious browser extensions, deceptive ads, malicious smart contracts, and fake NFT marketplaces.

Alexander Zabrovsky

According to Kaspersky expert Alexander Zabrovsky, this trend is likely to persist in 2025, necessitating heightened security measures.

He urges companies to monitor their online presence actively and counter fraudulent activities.

Drainers frequently exploit well-known wallet and exchange brands through social engineering to lure victims.

Rise in Advertisements for Data Breaches

Kaspersky also observed a 40% year-on-year increase in posts advertising corporate databases on a popular dark web forum between August and November 2024.

While some posts may feature older leaks repackaged as new, they highlight a sustained demand for leaked corporate data.

The number of dark web posts selling and buying databases. One of the popular forums, August 2023-November 2024. Source: Kaspersky Digital Footprint Intelligence

Zabrovsky explains that some breach advertisements are fabricated, combining public and previously leaked data to tarnish company reputations or generate buzz.

He emphasises the importance of monitoring corporate mentions on the dark web to enable swift countermeasures.

Evolving Cyber Threats Expected in 2025

Looking ahead to 2025, Kaspersky anticipates several developments in the cyber threat landscape.

Cybercriminals are expected to migrate from Telegram back to dark web forums due to increased bans on Telegram channels.

High-profile law enforcement actions against cybercrime groups in 2024 are expected to intensify, potentially driving cybercriminals to invitation-only forums to evade detection.

Ransomware groups may fragment into smaller, more agile units, making them harder to track and counter.

The use of stealers and drainers is also expected to rise, with malware distributed through the Malware-as-a-Service model and stolen data increasingly sold on shadow forums.

In the Middle East, geopolitical tensions are likely to fuel a surge in hacktivism and ransomware attacks, as the number of ransomware victims has already increased from an average of 28 per half-year in 2022-2023 to 45 in the first half of 2024.

Featured image credit: Edited from Freepik

The post Kaspersky Warns of Rising Threat from Crypto-Draining Malware appeared first on Fintech Singapore.
