Illicit Cryptocurrency Mining on the Rise

Hammer on the metal background and lots of gold ingots.

Cybersecurity experts found a 459 percent increase in illicit crypto mining in 2017 and a 629 percent increase in crypto mining malware in Q1 2018.

Since the beginning of civilization, people have extracted and utilized resources found under the earth’s surface making one of the most crucial industries in the world.

It is believed that if humans had not put the structures in place and provide incentives to mining industries, then our lives as we know would entirely be different.

The gold and silver rush of the western United States stimulated mining of other minerals which lead the creation and expansion of countries, along with the development of the Industrial Age which resulted in the generation of industries we have today.

This ultimately has led to the invention of new technologies like blockchain and virtual currencies but at the same time a new form of mining industry—crypto mining.

Cryptocurrencies have become an increasingly popular alternative to traditional currencies as well as electronic transfer systems such as credit cards.

Why Crypto Mining Is Booming

Since cryptos are not backed by any government or central bank, anyone can get hold of it but one has to mine it first.

So crypto mining is the act of generating a new token as a reward by solving a complex mathematical equation using CPU resources, which then returns newly minted coins to the system as well as validating new transactions.

Due to the lack of regulatory oversight, cybercriminals have taken advantage of the situation.

In early 2017 the hacker group known as “Shadow Brokers” leaked a powerful hacking tool called EternalBlue.

EternalBlue is the name that the National Security Agency (NSA) gave to a software vulnerability in the Windows operating system.

They further weaponized the vulnerability which made it incredibly easy to crack open Microsoft Windows systems. I

t then became the centerpiece of the worldwide WannaCry ransomware attacks.

According to a recent report by the Cyber Threat Alliance, instances of illicit cryptocurrency mining have increased exponentially over the past year.

The Alliance, which consists of cybersecurity experts and firms, stated that it found a 459 percent increase in illicit crypto mining in the past year and a 629 percent increase in cryptocurrency mining malware in the first quarter of 2018.

Bitcoin miner.

Since the beginning of civilization, people have extracted and utilized resources found under the earth’s surface making one of the most crucial industries in the world.

Although ransomware attacks have decreased, hackers are still using the NSA exploit to infect computers to mine cryptocurrency.

The report further added that only 8 percent of illicit cryptocurrency malware mines Bitcoin while Monero takes the lion share with 85 percent.

The reason has been that Monero offers more privacy and anonymity since its transaction addresses and values are unclear.

How Crypto Mining Works

Cryptocurrency mining is currently conducted mostly in two ways: binary-based mining done by running an executable application on a device, and browser-based mining carried out within a browser via a JavaScript engine.

Illicit binary-based mining begins with the executable sent as a zipped file by email.

Once the victim opens the email, the malware immediately begins scanning for machines vulnerable to exploit.

On the other hand, browser-based mining happens when a script used for crypto mining is loaded in a web browser by site owners or by someone else, either from the same web server as the site or elsewhere.

One of the most popular browser-based crypto mining tools is CoinHive.

Regardless of the method, crypto-jacking (also a popular crypto mining strategy) results in the victim’s CPU maxing out reducing the performance of the computer and increasing the chances of system failure.

In the end, victims usually realize the problem only after the damage has occurred.

Furthermore, the Cyber Threat Alliance report noted that even inexperienced crypto-jackers are able to use malware to mine cryptocurrencies while the experienced ones employ various levels of sophistication in their attacks.

For instance, the firm Palo Alto Networks discovered that attacks had been configured with throttles, limiting the mining process to only use 20 percent of the computer’s CPU.

This decreases the rate at which the coins are mined but keeps the attack going undetected for a long time.

Cyber Threat Alliance believes that organizations and end-users must take the threat of illicit cryptocurrency mining seriously, as it would result in reduced business operations and productivity as well as physical damage and stress to infected endpoints.

Cryptocurrency Mining.

Cryptocurrency mining is currently conducted mostly in two ways: binary-based mining done by running an executable application on a device, and browser-based mining carried out within a browser via a JavaScript engine.

Industry experts recommend regular analysis of network traffic, keeping an eye on abnormal power consumption and CPU activity, checking logs for related mining strings such as CoinHive, blocking mining pool communications and installing browser extensions to protect against browser-based cryptocurrency mining.

Crypto-jacking looks set to become a larger problem as long as cryptocurrencies play a pivotal role in the cyber world. Because it’s so hard for users to identify that they are being exploited, it’s likely that this will be difficult to tackle in the short-term.

Comments (No)

Leave a Reply