Anything that has monetary value eventually attracts criminal activity and whether the community likes it or not, illicit use of cryptocurrencies is not a small segment of their current real-world application scope.
In a recent whitepaper released by Cyber Threat Alliance, data from prominent cybersecurity companies show illicit cryptocurrency mining (cryptojacking) is becoming the favorite way to monetize infrastructure exploits.
This type of exploitation is not only here to stay, it might even have interesting political implications.
Several older malware campaigns were repurposed to deploy crypto mining software to the exploited host, ransomware and DDOS attacks likewise went out of fashion and are getting replaced by cryptoasset miners. The most popular cryptocurrency to mine is Monero because of its enhanced privacy.
Ways to deploy a cryptocurrency miner
Illicit cryptomining uses the same software as legitimate mining, the only difference is the infrastructure owners do not know their hardware is used for mining cryptocurrencies.
Server and IoT exploits that install mining software are mostly focusing on low-hanging fruit - old vulnerabilities that have been disclosed and documented but often remain unpatched. A patch for EternalBlue vulnerability has been available for 18 months but there are still countless organizations that are being victimized by this exploit.
Business and governmental infrastructures are the primary target because the available resources for mining are larger than with a private device. Personal devices are not spared though: McAfee analysts discovered hundreds of thousands of anonymous FTP servers linked to consumer-grade devices, with FTP enabled by default, that were hosting over 1 million Monero miners.
According to a currently unpublished analysis from Palo Alto Networks, one cryptojacking malware family uses a routine on infected personal computers that detects mouse movement. On a mouse event, the mining activity is suspended until the user is deemed to be inactive again.
Current ways to infect a personal device also revolve around low-hanging fruit - most popular methods are phishing and spam e-mails with infected documents attached. This tactic is affordable and easy to scale, it pays off even though the success rate is quite low.
Potential damages caused by cryptojacking
Crypto mining detections increased 459 percent between 2017 to 2018 but it is safe to assume this is only the tip of the iceberg.
Novice attackers now have access to affordable commodity malware that can be deployed without any technical skills. If novice attackers decide to use crypto miner to generate profit, they usually get detected quite easily. Typically, this type of attacker will not bother setting a limit for CPU/GPU usage, they will simply let it max out until failure. However, if the miner does not get uncovered in time, it will cause overheating and potentially even physical damage of the hardware.
As shown by Palo Alto Networks though, more sophisticated attackers now set the maximum CPU/GPU usage to 20%. They employ the tradeoff where they limit their rate of profit generation but successfully keep their miner undetected for longer.
The damages from this sophisticated cryptojacking are similar to Denial of Service attacks. When a large portion of the infrastructure resources is used to mine cryptocurrencies, there might not be enough resources to perform the business operations.
What are we (not) doing to prevent the damage
The Cyber Threat Alliance whitepaper explains the boom in cryptojacking could be easily prevented by adhering to the standard security recommendations - regular maintenance, diligent patching and carefulness on the part of individuals when it comes to opening e-mail attachments.
In practice though, security standards are routinely ignored by individual users and on the business level, management is far too often reluctant to allocate adequate funds for system administration since it is deemed an expense that does not generate any presentable results.
In CTA’s view this makes the threat of cryptojacking not a temporary fad but an enduring problem in the digital ecosystem that will continue to evolve.
On a more speculative note, CTA also asserts that nation-state actors that are currently under economic sanctions may soon begin to leverage illicit cryptocurrency mining to gain revenue.
Judging from how difficult it is to change the cybersecurity morale of every single employee of an organization, it is not unreasonable that illicit cryptocurrency mining or other cryptocurrency attacks could be used as a very efficient form of economic warfare.
In a long-term view, CTA warns attacks involving cryptocurrencies will become far more powerful if nations begin to issue their own blockchains, as some already have on a limited scale. Sluggish attitude of individuals to computer security would then open the door for an attacker to diminish the ability of a central government bank to control the country’s economy.
Data is beautiful
Blockchain Consortium in Trade Finance: 6 Notable Networks [Infographic]
The success of trade finance blockchain implementations depends on how widely they are adopted. That's why we have seen businesses form consortia based on similar interests.
Comparing Forex Market with Cryptocurrency Markets [Infographic]
One of the few metrics that cryptocurrency markets have in common with the forex markets in 2018 is the high percentage of total trades being located on few most popular markets.
Brand development in forex and crypto: Most expensive domain names [Infographic]
Crypto infographics - Most expensive domain names in forex and crypto. Targeted brand development in forex and crypto with domain names.
Blockchain Technology 101: Blockchains, Blocks and the Role of Price [Infographic]
Blockchain technology 101: What is blockchain, what types of blockchains exist and what role does the cryptocurrency price play.
Real-world companies that accept crypto payments [Infographic]
Infographic - Graphic map of businesses that let customers pay in bitcoin.
Infographic: Blockchain Hacks & Crypto Trading Platform heists 2018 vs 2017
Blockchain infographic comparing the biggest crypto heists of 2018 and 2017. In 2017 the focus lied more on ICOs, smart contracts and wallet.
15 crypto kings that are making history with their engagement in the field of cryptocurrencies
Coining The Bucks With Cryptocurrencies Have you ever wondered how much masters of the cryptocurrencies are worth? Like the guy who founded Ethereum, or the one who started Ripple, for example. The answer, in short,...
The Good And The Bad Of ICOs
Infographic: The good and bad of ICOs - Which token sales raised the most money in 2018?
Industry News Releases
Yesterday, Nexo AG sent out an email featuring their letter of intent to buy SALT...Read >>
- traceto.io Partners with AI Trading Platform
- Fintech company Nexo offers to buy SALT Lending
- Etheremon launches new game mode that gives players full control of their in-game assets
- Open Data Exchange Raised Over 60 MM USD in Private Placement from Pantera, BlockTower and others
- Zilliqa announced blockchain grants for technology developers
- Wyre acquired Hedgy, platform for smart contracts on Bitcoin
Also by JMT
Released on August 03, 2018 02:58:36 PM by JMT Read >>
Released on May 28, 2018 02:57:52 PM by JMT Read >>
Released on June 30, 2018 03:38:02 PM by JMT Read >>