CryptoSec: The Business of Cryptojacking

Given how difficult it is to change the cybersecurity morale of every single employee of an organization, it is not unreasonable that illicit cryptocurrency mining could be used as a very efficient form of economic warfare.
You are reading about: "CryptoSec: The Business of Cryptojacking"

By JMT

Published September 21, 2018

Anything that has monetary value eventually attracts criminal activity and whether the community likes it or not, illicit use of cryptocurrencies is not a small segment of their current real-world application scope.

In a recent whitepaper released by Cyber Threat Alliance, data from prominent cybersecurity companies show illicit cryptocurrency mining (cryptojacking) is becoming the favorite way to monetize infrastructure exploits.

This type of exploitation is not only here to stay, it might even have interesting political implications.

Several older malware campaigns were repurposed to deploy crypto mining software to the exploited host, ransomware and DDOS attacks likewise went out of fashion and are getting replaced by cryptoasset miners. The most popular cryptocurrency to mine is Monero because of its enhanced privacy.

Ways to deploy a cryptocurrency miner

Illicit cryptomining uses the same software as legitimate mining, the only difference is the infrastructure owners do not know their hardware is used for mining cryptocurrencies.

Server and IoT exploits that install mining software are mostly focusing on low-hanging fruit - old vulnerabilities that have been disclosed and documented but often remain unpatched. A patch for EternalBlue vulnerability has been available for 18 months but there are still countless organizations that are being victimized by this exploit.

Business and governmental infrastructures are the primary target because the available resources for mining are larger than with a private device. Personal devices are not spared though: McAfee analysts discovered hundreds of thousands of anonymous FTP servers linked to consumer-grade devices, with FTP enabled by default, that were hosting over 1 million Monero miners.

According to a currently unpublished analysis from Palo Alto Networks, one cryptojacking malware family uses a routine on infected personal computers that detects mouse movement. On a mouse event, the mining activity is suspended until the user is deemed to be inactive again.

Current ways to infect a personal device also revolve around low-hanging fruit - most popular methods are phishing and spam e-mails with infected documents attached. This tactic is affordable and easy to scale, it pays off even though the success rate is quite low.

Potential damages caused by cryptojacking

Crypto mining detections increased 459 percent between 2017 to 2018 but it is safe to assume this is only the tip of the iceberg.

Novice attackers now have access to affordable commodity malware that can be deployed without any technical skills. If novice attackers decide to use crypto miner to generate profit, they usually get detected quite easily. Typically, this type of attacker will not bother setting a limit for CPU/GPU usage, they will simply let it max out until failure. However, if the miner does not get uncovered in time, it will cause overheating and potentially even physical damage of the hardware.

As shown by Palo Alto Networks though, more sophisticated attackers now set the maximum CPU/GPU usage to 20%. They employ the tradeoff where they limit their rate of profit generation but successfully keep their miner undetected for longer.

The damages from this sophisticated cryptojacking are similar to Denial of Service attacks. When a large portion of the infrastructure resources is used to mine cryptocurrencies, there might not be enough resources to perform the business operations.

What are we (not) doing to prevent the damage

The Cyber Threat Alliance whitepaper explains the boom in cryptojacking could be easily prevented by adhering to the standard security recommendations - regular maintenance, diligent patching and carefulness on the part of individuals when it comes to opening e-mail attachments.

In practice though, security standards are routinely ignored by individual users and on the business level, management is far too often reluctant to allocate adequate funds for system administration since it is deemed an expense that does not generate any presentable results.

In CTA’s view this makes the threat of cryptojacking not a temporary fad but an enduring problem in the digital ecosystem that will continue to evolve.

On a more speculative note, CTA also asserts that nation-state actors that are currently under economic sanctions may soon begin to leverage illicit cryptocurrency mining to gain revenue.

Judging from how difficult it is to change the cybersecurity morale of every single employee of an organization, it is not unreasonable that illicit cryptocurrency mining or other cryptocurrency attacks could be used as a very efficient form of economic warfare.

In a long-term view, CTA warns attacks involving cryptocurrencies will become far more powerful if nations begin to issue their own blockchains, as some already have on a limited scale. Sluggish attitude of individuals to computer security would then open the door for an attacker to diminish the ability of a central government bank to control the country’s economy.

Also Read: Andrew Gazdecki on partnership with Wyre and the community approach in DEX trading #CryptoSecurity - Tiered Device Management

Filed under: Analysis

Blockchain industry brand names mentioned in this article:

XMR


Data is beautiful

Blockchain Technology in Mobile App Market: State of the Industry 2020

Blockchain is currently at the top among the new trending technologies that came up in recent years. It is a remarkable innovation for our ever more digitalised world. Blockchain is mostly known as decentralized network,...

Published September 04, 2020 by Daniel M.
Editor's note: We still have plenty of work ahead to see blockchain-based mobile apps solving problems based on the real-world needs.
Tagged as Infographics

New Horizons in Fintech: Payments, Big Data and Partnerships [Infographic]

The global fintech market saw a period of consolidation in 2018, which is exactly what we saw also in terms of price evaluation of crypto assets. In spite of the “crypto winter”, which is apparently...

Published April 03, 2019 by Diana
Editor's note: Fintechs did what every sensible crypto business did during the crypto bear: They used the void to build things.
Tagged as Infographics

Brand development in forex and crypto: Most expensive domain names [Infographic]

Crypto infographics - Most expensive domain names in forex and crypto. Targeted brand development in forex and crypto with domain names.

Published October 12, 2018 by LK / forexnewsnow
Editor's note: Crypto and forex brokers go for crisp domain names.
Tagged as Infographics

Top 8 Women in Blockchain Tech [Infographic]

When it comes to women in crypto, the pre-2016 OG heads will probably come up with names like Alena Vranova and Blythe Masters. Alena Vranova is the former CEO of Satoshi Labs, the company that...

Published November 14, 2018 by Guest
Editor's note: Two OG crypto women that you don't hear much of anymore plus a crypto infographic about 8 women who work in blockchain tech.
Tagged as Infographics

Infographic: Blockchain Technology, Ledgers, Blocks and the Role of Price

Blockchain technology 101: What is blockchain, what types of blockchains exist and what role does the cryptocurrency price play.

Published July 31, 2018 by Guest
Editor's note: What is blockchain, what types of blockchains exist and what role plays the price of cryptocurrencies.
Tagged as Infographics

Infographic: The Good And The Bad Of ICOs

Infographic: The good and bad of ICOs - Which token sales raised the most money in 2018?

Published May 30, 2018 by Hristina
Editor's note: Despite the DAO failure, ICOs grew into an established form of startup funding.
Tagged as Infographics

The Business of Esports: All The Numbers [Infographic]

Esports is a rapidly emerging category as a real sport. It’s even beginning to compete with traditional sports.

Published April 30, 2019 by Guest

Tagged as Infographics

Shocking Facts About Cryptocurrency Heists [Infographic]

If there is one question in the history of Bitcoin that cannot be answered with anything more than an estimate, it is the problem of how much of Bitcoin’s supply is actually ever available on...

Published March 26, 2019 by Diana
Editor's note: Cryptojacking, ICO exits, scams, malware, fraud - outrageous amounts of cryptomoney have changed hands through illicit activity.
Tagged as Infographics

Comparing Forex Market with Crypto Markets [Infographic]

One of the few metrics that cryptocurrency markets have in common with the forex markets in 2018 is the high percentage of total trades being located on few most popular markets.

Published June 10, 2018 by Guest
Editor's note: Still a long way to go for crypto markets.
Tagged as Infographics

East vs. West: Which One Sides More With Blockchain?

Digital cash schemes were the holy grail of the late 90s, but since the bitcoin blockchain was invented, suddenly nobody in the West cares.

Published April 09, 2019 by Guest
Editor's note: Digital cash schemes were the holy grail of the late 90s, but since the bitcoin blockchain was invented, suddenly nobody in the West cares.
Tagged as Infographics

Blockchain Consortium in Trade Finance: 6 Notable Networks [Infographic]

The success of trade finance blockchain implementations depends on how widely they are adopted. That's why we have seen businesses form consortia based on similar interests.

Published October 21, 2018 by Guest

Tagged as Infographics

Real-world companies that accept crypto payments [Infographic]

Infographic - Graphic map of businesses that let customers pay in bitcoin.

Published May 31, 2018 by Guest
Editor's note: Graphic map of businesses that let customers pay in bitcoin.
Tagged as Infographics

Infographic: Blockchain Hacks & Crypto Trading Platform heists 2018 vs 2017

Blockchain infographic comparing the biggest crypto heists of 2018 and 2017. In 2017 the focus lied more on ICOs, smart contracts and wallet.

Published July 10, 2018 by JMT
Editor's note: In 2017 the focus lied more on ICOs, smart contracts and wallet.
Tagged as Infographics

15 crypto kings that are making history with their engagement in the field of cryptocurrencies

Coining The Bucks With Cryptocurrencies Have you ever wondered how much masters of the cryptocurrencies are worth? Like the guy who founded Ethereum, or the one who started Ripple, for example. The answer, in short,...

Published May 30, 2018 by Guest
Editor's note: Infographic: 15 ultra-rich blockchain entrepreneurs and how they get into crypto
Tagged as Infographics

How Blockchain Disrupts Business [Infographic]

Published May 31, 2018 by Guest

Tagged as Infographics

How to spot cryptocurrency scams

Published May 30, 2018 by Guest
Editor's note: Infographic by the NOAHcoin team
Tagged as Infographics

All Infographics

Industry News Releases


Comments

comments powered by Disqus
About the Author
By JMT

BIO:

JMT under the Twitter handle @tradingfanbois has been deep in bitcoin markets since late 2014. It is the person who takes care of the office of AltcoinTrading.NET. Also answering your Quora questions regarding Bitcoin, cryptocurrencies and technical analysis.

·

Also by JMT

Powered by Contentful

Supported by AltcoinTrading.NET