Financial threats in 2021: cryptocurrency transit, web skimmers move to the server side and extortion plague

Mihai-Alexandru Cristea 07/12/2020 | 15:02

In 2021, many financial cybercriminals are likely to target Bitcoin more often, while other cybercriminals will switch to transit cryptocurrencies when demanding payment from victims for enhanced privacy. On top of that, extortion practices will become even more widespread, be it as part of DDoS or ransomware attacks, with the operators of the latter consolidating and using advanced exploits to target victims. These are the key predictions from Kaspersky regarding  anticipated changes in the financial sector’s threat landscape.


Financial cyberthreats are among the most dangerous as they directly impact the financial wellbeing of victims – be it individuals or organizations. Drastic changes in 2020 unavoidably affected the way financial attackers operate. Albeit not all of the tactics, techniques and procedures have been influenced by the change of how we live and work nowadays, their influence cannot be understated. Based on a review of what has happened over 2020, Kaspersky researchers were able to prepare a forecast of the important developments in the financial threat landscape of 2021 in order to help organizations prepare for these new threats better. Here is a  summary of their key predictions:

  • MageCarting, or so-called JS-skimming (the method of stealing payment card data from e-commerce platforms), attacks will move to the server side. Evidence shows that from day to day there are  fewer threat actors relying on client side attacks that use JavaScript. Kaspersky researchers expect that next year the attacks will shift to the server side.
  • Transition currencies. At the same time, special technical capabilities for monitoring, deanonymizing and seizing Bitcoin accounts will prompt a shift in the methods used by many cybercriminals to demand payment. Other privacy enhanced currencies such as Monero are likely to be used as a first transition currency, with the funds being later converted to other cryptocurrency, including Bitcoin, to cover criminals’ tracks.
  • Extortion on the rise. Due to their successful operations and extensive media coverage this year, the threat actors behind targeted ransomware systematically increased the amounts victims were expected to pay in exchange for not publishing stolen information. Now Kaspersky researchers anticipate an even higher growth in extortion attempts as a means to obtain money. Organizations, which may be hurt by the loss of data and exhausting recovery processes, are in the crosshairs, with more cybercriminals targeting them with ransomware or DDoS attacks or even both.
  • 0-day exploits used by ransomware gangs. On top of that, ransomware groups who managed to accumulate funds as a result of a number of successful attacks in 2020 will start using 0-day exploits – vulnerabities that have not yet been found by developers – as well as N-days exploits to scale and increase the effectiveness of their attacks. While purchasing exploits is an expensive endeavor, based on the amounts some of the ransomware operators were able to obtain from their victims, they now have sufficient funds to invest in them.
  • Bitcoin theft will become more attractive as many nations plummet into poverty as a result of the pandemic. With economies crashing down and local currencies dropping, more people may become involved in cybercrime, leading to more cases. As Kaspersky researchers anticipate, due to the weakness of local currencies, more people may focus on fraud that demands Bitcoin, as well as Bitcoin theft, since it is the most widespread cryptocurrency.


 This year was substantially different from any other year we experienced, and yet, many trends that we anticipated to come to life last year came true regardless of this transformation of how we live. These include new strategies in financial cybercrime – from reselling bank access to targeting  investment applications — and the further development of already existing trends, for instance, even greater expansion of card skimming and ransomware being used to target banks. Forecasting upcoming threats is important, as it enables us to  better prepare to defend ourselves against them, and we are confident our forecast will help many cybersecurity professionals to work on their threat model, says Dmitry Bestuzhev, a security researcher at Kaspersky.

Financial predictions are part of the Kaspersky Vertical Threat Predictions for 2021, one of the segments of the Kaspersky Security Bulletin (KSB) – an annual series of predictions and analytical reports on key shifts in the cybersecurity world. Follow this link to look at other KSB pieces.

BR Magazine | Latest Issue

Download PDF or read online: May (I) 2023 Issue | Business Review Magazine

The May (I) 2023 issue of Business Review Magazine is now available in digital format, featuring the main cover story titled “MedLife BVB performance highlights potential of Romania’s emerging
Mihai-Alexandru Cristea | 17/05/2023 | 15:38

    You will receive a download link for the latest issue of Business Review Magazine in PDF format, based on the completion of the form below.

    I agree with the Privacy policy of

    I agree with the storage and handling of my data by

    Advertisement Advertisement
    Close ×

    We use cookies for keeping our website reliable and secure, personalising content and ads, providing social media features and to analyse how our website is used.

    Accept & continue