In recent news, high-level cybercriminals are trading access to Australian computer networks to be used in crypto mining.
Access is said to sell for $350 and up, with an additional $70 charged for updates. This has presented dire economic ramifications.
At this point, critical business processes have been breached and vast amounts of computing power and electricity have been wasted.
This information was first provided by Secureworks, a cybersecurity firm that sent warnings about global cybercriminals breaching company networks.
Cybercriminals have been taking advantage of vulnerable corporate networks, access to which is sold via darknet platforms.
Currently, “cryptocurrency for sale” posts found online expose a rather disturbing reality about the hacking expedition.
Smominru, a massive crypto mining botnet, was the most severe so far, said to have hit about 520,000 computers and servers across the world. These systems are believed to run the Windows operating system, which is popular compared with other operating systems.
This miner botnet converts vulnerable computers into miners of the Monero virtual coin.
To date, Smominru is said to have gathered a staggering $3.6 million since its inception in 2017.
The Use of Hijacked Networks in Crypto Mining
It has become common practice for cybercriminals to exploit vulnerable computer systems to acquire cryptocurrencies. Smominru is particularly vast, unlike other botnets such as Adylkuzz.
How Does This Work?
Typically, victims remain oblivious to a breach until the damage shows up in their electricity bills.
Mining tools are downloaded once a computer gets infected. The tool uses the system’s hardware processing power to solve complex equations. Solving these computational problems earns cryptocurrency, which is then sent back to the attacker’s wallet. Meanwhile, the virus propagates itself to other computers connected to the network.
Cybercriminal gangs typically exploit already-established networks to run their activities. Doing so lets them avoid advertising on open forums and so escape detection.
Instead, they use such platforms to sell stolen data and fake goods. Otherwise, cybercriminal gangs prefer closed communication channels to trade items through the dark web without the need to establish relationships.
A Dire Situation
Australian organizations, especially financial institutions, are often the most targeted class of businesses. This is attributed to their excellence in modern defense mechanisms.
According to Alex Tilley, a senior researcher at Secureworks, it has been discovered that one in three organizational networks is a key target. That some infections go untreated for years is quite surprising. Additionally, as observed by Tilley, existing access tools are exceedingly vulnerable and may be breached easily.
Elsewhere, Kaspersky Lab lifted the lid on a story about an international crypto mining syndicate that uses the malware PowerGhost to infect corporate networks.
The malware targeted everything, including workstations and servers. The cybercriminals behind the malware successfully divert portions of computing power to mining cryptocurrencies.