The cybersecurity firm's 2023 cybercrime predictions include more focus on crypto projects, and that privacy coins like Monero will outpace Bitcoin as the ransom currency of choice.
The metaverse, NFTs and Web3 will become a bigger and bigger playground for cyberthieves, phishers and scammers, cybersecurity firm Kaspersky said.
The Russian firm's Crimeware and Financial Cyberthreats in 2023 report has warned these attacks will be most prevalent in the entertainment and gaming sectors — which includes metaverses.
But more broadly, "with the increasing popularity of cryptocurrencies, the number of crypto scams has also increased," Kaspersky said.
Fake initial coin offerings ICOs and NFTs will be big, but so will more subtle frauds through smart contracts, the immutable — unchangeable — self-executing agreements at the heart of decentralized finance, or DeFi.
There have been plenty of cases where poorly written smart contracts have left small fortunes in Ethereum and other tokens lost forever, which is why smart contract audits are growing in popularity. As few people will read the details, there's plenty of room for fraudsters.
That said, Kaspersky also believes that people are getting wise to the simpler scams like givebacks, in which someone — often posing as a celebrity — offers to send anyone double the BTC (or some such) they send in as a way of "giving back to the community."
Targeting Privacy Coins
Another prediction, based on a trend that's already becoming clearer, is that ransomware blackmailers will turn away from increasingly traceable Bitcoin in favor of other tokens.
That would be privacy coins like Dash, ZCash and especially Monero. As far back as July 2021, blockchain intelligence firm Elliptic reported ransomware gang REvil demanding 10% more for BTC, or discounts for XMR. Japan and South Korea have both banned privacy coins.
There's also a growing call for making it illegal — even criminal — to pay ransomware, and governments including the U.S. are targeting crypto mixing services. Most notably, the U.S. placed sanctions on Tornado Cash, accusing the DeFi project of laundering stolen funds for North Korean hackers.
On Nov. 23, authorities in the Netherlands ordered Tornado Cash developer Alexey Pertsev to remain in jail on charges of facilitating money laundering by developing Tornado Cash. The Russian national was arrested in August.