PRWeb summary: Since the onset of 2024, BlackCloak has identified an alarming trend: cybercriminals are honing their tactics to specifically target individuals linked to venture capital and private equity firms, especially those with cryptocurrency investments. These nefarious entities are broadening their scope, moving beyond the firms to target their partners and individual Limited Partners (LPs) associated with crypto funds or wallets.

 

Orlando, FL – March 12, 2024 – BlackCloak, the pioneer in Digital Executive Protection and concierge personal cybersecurity for executives, high-net-worth individuals, and family offices, today announced its Threat Intelligence Team has detected a marked escalation in cyber threats against venture capital and private equity firms, with a particular focus on those investing in cryptocurrency startups and companies. These cyber threats are not just targeting the firms, but are also aggressively pursuing individual executives, partners, and Limited Partners (LPs) who have personal holdings in crypto funds and wallets. In an even more disturbing trend, the families of these executives are also being targeted.

Since the onset of 2024, BlackCloak has observed a four-fold increase in sophisticated criminal attacks that specifically target the personal cryptocurrency accounts of VC and PE executives. The threat actor, which appears to be an organized criminal group, is attempting to steal these executives’ personal cryptocurrency holdings through multi-stage attacks that utilize OSI (open source intelligence) research, data broker information, data breach dumps in the Dark Web, and SIM swapping attacks on mobile carriers. 

Dr. Chris Pierson, CEO and Founder of BlackCloak, emphasizes, “This is an active and evolving threat, and we urge all venture capital and private equity firms that are invested in the cryptocurrency space to take actions now to increase the cybersecurity protections for their executives. It is particularly important that they add non-SMS multi-factor authentication to their cryptocurrency accounts, such as security keys or authenticator apps. The level of cunning and accuracy these cybercriminals apply in their attacks against the financial sector are truly remarkable. At BlackCloak, we remain resolute in our dedication to stay a step ahead of these threats. Our priority is the protection of our clients’ financial interests and private data against the backdrop of an ever-evolving digital threat landscape.”

The total number of attacks by this criminal group is currently unknown, but BlackCloak has already received a surge in reports from VC and PE firms, with the personal losses of these executives ranging from $100,000 to several million dollars in stolen crypto funds.

 

Threat Actor Methodology

The BlackCloak Threat Intelligence Team’s investigations have determined that the cybercriminals involved in these attacks first locate appropriate targets through OSI research that utilizes a combination of company website ‘About’ pages, LinkedIn, Crunchbase and other sources of executive data. 

The threat actor then uses legitimate data broker sites to meticulously gather personal information on the executives, including personal cell phones and personal email addresses. This data is cross-referenced against data dumps available in the Dark Web, in order to locate usernames and passwords. They then ascertain the service provider and initiate an attack on the individual’s cell phone carrier, attempting a SIM swap or port forwarding of the phone number.

These investigations have also discovered that the cybercriminals are not just focusing on venture capitalists, but are also targeting their family members. This strategy indicates an attempt to drain wealth from the families more broadly, exploiting these assets for their own benefit.

 

Venture Capital Firms Should Remain Vigilant

Pierson stated, “The sophistication and precision of these cybercriminals targeting the venture capital and private equity sectors, especially those involved in cryptocurrency, is unprecedented. Our commitment at BlackCloak is unwavering in staying ahead of these threats. We are dedicated to protecting our clients’ investments and personal information against these evolving cyber tactics.”

BlackCloak remains steadfast in its commitment to leading the charge against these emerging threats, ensuring the security of our clients from such malevolent activities. Our team is continuously monitoring, identifying, and neutralizing these cybercriminal strategies to defend the investments and personal information of those within the venture capital and private equity sectors involved in cryptocurrency.

 

About BlackCloak

BlackCloak protects corporate executives and high-profile individuals from cybersecurity, privacy, financial, and other reputational risks. Used by Fortune 500 companies across all industries, the BlackCloak Concierge Cybersecurity & Privacy™ Platform is a holistic solution including mobile and desktop apps as well as concierge support. Executives and high-profile individuals get peace of mind knowing their family, reputation, and finances are secured. Companies rest assured that their brand, intellectual property, data, and finances are protected against threats coming through executives without having to invade their personal lives. Learn more at www.blackcloak.io, and follow them on LinkedIn and Twitter.

 

Media Contact: 

Mike Sias

BlackCloak

[email protected]