THE Philippines recorded a rise in detected cryptocurrency-related attacks last year, global cybersecurity firm Kaspersky said on Tuesday.
Kaspersky saw crypto-phishing attacks in the country grow to 24,737 cases last year from 9,164 in 2021, the second most in Southeast Asia. Vietnam was first with more than 64,000 detections last year.
“This emerged from the ease of accessing cryptocurrency in the Philippines,” Adrian Hia, managing director for Asia Pacific at Kaspersky, said in a media briefing on Tuesday.
“As users are turning to mobility, they are opening up a lot of pots for their data to be used and even breached. There are no more boundaries. Malware can be installed with any form of touch,” Mr. Hia said.
Attackers often target accounts of popular online gaming platforms or crypto wallets via advanced stealers or “stalkerware” that allow cybercriminals to spy on a person through a mobile device, Kaspersky said in a statement.
“Our monitoring shows that malware is spreading through legitimate channels, such as official marketplaces and ads in popular apps,” Mr. Hia said.
In the Southeast Asian region, total crypto-phishing detections went down to 147,649 last year from 164,330 in 2021, Kaspersky said.
However, declines in detections were only seen in Singapore (down 74%), Thailand (51%), and Vietnam (15%).
Aside from the Philippines, crypto-related attacks also increased in Indonesia (to 24,642 in 2022 from 19,584 in 2021) and Malaysia (to 16,767 from 16,071).
Kaspersky said an average of 400,003 new malicious files per day were discovered in 2022, up by 20,000 files per day from 2021.
“Scammers will stop at nothing when it comes to stealing cryptocurrency. First, it’s on trend. We see more and more adopters, especially in Southeast Asia. In fact, the region is responsible for 14% of cryptocurrency transactions globally and is predicted to continue being the frontrunner in mass crypto adoption,” Mr. Hia said in the statement.
“Second, the population here is young and highly digital savvy. Future trends are welcomed with optimism instead of skepticism. Thus, we believe that adopters here should be more knowledgeable on the latest tricks being used by crypto phishers to keep their crypto assets safe,” he added.
According to Kaspersky spam analysis expert Roman Dedenok, crypto phishers often use e-mails to attack crypto users.
“The brains behind this scheme chose as bait an offer to take part in a juicy giveaway of cryptocurrency: Bitcoin, Ethereum, Litecoin, Tron or Ripple… The overly generous scammers were kind enough to provide a simple three-point guide for those wanting to get their free cryptocurrency, plus a link to the “promotion” website,” Mr. Dedenok said.
“Clicking the link takes the user to a phishing site… At this point, the victim is asked to specify the wallet they want the funds transferred to,” he said.
Mr. Hia said Kaspersky is having discussions with government institutions worldwide to address growing cybersecurity concerns.
In the Philippines, the central bank does not regulate cryptocurrency itself but has guidelines on virtual asset service providers. Under the rules, entities that engage with virtual assets are required to secure a license from the Bangko Sentral ng Pilipinas.
Cryptocurrencies are classified as digital or virtual assets in the country. — M.H.L. Antivola