Anything that has monetary value eventually attracts criminal activity and whether the community likes it or not, illicit use of cryptocurrencies is not a small segment of their current real-world application scope.
In a recent whitepaper released by Cyber Threat Alliance, data from prominent cybersecurity companies show illicit cryptocurrency mining (cryptojacking) is becoming the favorite way to monetize infrastructure exploits.
This type of exploitation is not only here to stay, it might even have interesting political implications.
Several older malware campaigns were repurposed to deploy crypto mining software to the exploited host, ransomware and DDOS attacks likewise went out of fashion and are getting replaced by cryptoasset miners. The most popular cryptocurrency to mine is Monero because of its enhanced privacy.
Ways to deploy a cryptocurrency miner
Illicit cryptomining uses the same software as legitimate mining, the only difference is the infrastructure owners do not know their hardware is used for mining cryptocurrencies.
Server and IoT exploits that install mining software are mostly focusing on low-hanging fruit - old vulnerabilities that have been disclosed and documented but often remain unpatched. A patch for EternalBlue vulnerability has been available for 18 months but there are still countless organizations that are being victimized by this exploit.
Business and governmental infrastructures are the primary target because the available resources for mining are larger than with a private device. Personal devices are not spared though: McAfee analysts discovered hundreds of thousands of anonymous FTP servers linked to consumer-grade devices, with FTP enabled by default, that were hosting over 1 million Monero miners.
According to a currently unpublished analysis from Palo Alto Networks, one cryptojacking malware family uses a routine on infected personal computers that detects mouse movement. On a mouse event, the mining activity is suspended until the user is deemed to be inactive again.
Current ways to infect a personal device also revolve around low-hanging fruit - most popular methods are phishing and spam e-mails with infected documents attached. This tactic is affordable and easy to scale, it pays off even though the success rate is quite low.
Potential damages caused by cryptojacking
Crypto mining detections increased 459 percent between 2017 to 2018 but it is safe to assume this is only the tip of the iceberg.
Novice attackers now have access to affordable commodity malware that can be deployed without any technical skills. If novice attackers decide to use crypto miner to generate profit, they usually get detected quite easily. Typically, this type of attacker will not bother setting a limit for CPU/GPU usage, they will simply let it max out until failure. However, if the miner does not get uncovered in time, it will cause overheating and potentially even physical damage of the hardware.
As shown by Palo Alto Networks though, more sophisticated attackers now set the maximum CPU/GPU usage to 20%. They employ the tradeoff where they limit their rate of profit generation but successfully keep their miner undetected for longer.
The damages from this sophisticated cryptojacking are similar to Denial of Service attacks. When a large portion of the infrastructure resources is used to mine cryptocurrencies, there might not be enough resources to perform the business operations.
What are we (not) doing to prevent the damage
The Cyber Threat Alliance whitepaper explains the boom in cryptojacking could be easily prevented by adhering to the standard security recommendations - regular maintenance, diligent patching and carefulness on the part of individuals when it comes to opening e-mail attachments.
In practice though, security standards are routinely ignored by individual users and on the business level, management is far too often reluctant to allocate adequate funds for system administration since it is deemed an expense that does not generate any presentable results.
In CTA’s view this makes the threat of cryptojacking not a temporary fad but an enduring problem in the digital ecosystem that will continue to evolve.
On a more speculative note, CTA also asserts that nation-state actors that are currently under economic sanctions may soon begin to leverage illicit cryptocurrency mining to gain revenue.
Judging from how difficult it is to change the cybersecurity morale of every single employee of an organization, it is not unreasonable that illicit cryptocurrency mining or other cryptocurrency attacks could be used as a very efficient form of economic warfare.
In a long-term view, CTA warns attacks involving cryptocurrencies will become far more powerful if nations begin to issue their own blockchains, as some already have on a limited scale. Sluggish attitude of individuals to computer security would then open the door for an attacker to diminish the ability of a central government bank to control the country’s economy.
Data is beautiful
Brand development in forex and crypto: Most expensive domain names [Infographic]
Crypto infographics - Most expensive domain names in forex and crypto. Targeted brand development in forex and crypto with domain names.
Top 8 Women in Blockchain Technology [Infographic]
When it comes to women in crypto, the pre-2016 OG heads will probably come up with names like Alena Vranova and Blythe Masters. Alena Vranova is the former CEO of Satoshi Labs, the company that...
Blockchain Consortium in Trade Finance: 6 Notable Networks [Infographic]
The success of trade finance blockchain implementations depends on how widely they are adopted. That's why we have seen businesses form consortia based on similar interests.
Comparing Forex Market with Cryptocurrency Markets [Infographic]
One of the few metrics that cryptocurrency markets have in common with the forex markets in 2018 is the high percentage of total trades being located on few most popular markets.
Blockchain Technology 101: Blockchains, Blocks and the Role of Price [Infographic]
Blockchain technology 101: What is blockchain, what types of blockchains exist and what role does the cryptocurrency price play.
Real-world companies that accept crypto payments [Infographic]
Infographic - Graphic map of businesses that let customers pay in bitcoin.
Infographic: Blockchain Hacks & Crypto Trading Platform heists 2018 vs 2017
Blockchain infographic comparing the biggest crypto heists of 2018 and 2017. In 2017 the focus lied more on ICOs, smart contracts and wallet.
15 crypto kings that are making history with their engagement in the field of cryptocurrencies
Coining The Bucks With Cryptocurrencies Have you ever wondered how much masters of the cryptocurrencies are worth? Like the guy who founded Ethereum, or the one who started Ripple, for example. The answer, in short,...
The Good And The Bad Of ICOs
Infographic: The good and bad of ICOs - Which token sales raised the most money in 2018?
Industry News Releases
Following the Dog bounty hunt marking the end of the Year of Dog for Etheremon,...Read >>
- Crypto Marble dApp Game: Monopoly on Blockchain
- The dApp gaming platform VX Network launched the official VX Wallet in Apple App Store and Google Play
- Etheremon's first Chinese New Year Campaign: Chance to recall two rare mons
- Fuel Games and Cryptokitties bring you "The Cat in the Pack" until the end of January 2019
- Action RPG dApp game Hero of Cryptoworld is starting its character presale
- Libereum, the crypto investment company, acquired Spanish football club Elche CF