‘Cryptojackings’ are increasing unabated despite a declining cryptocurrency market. As a recent report demonstrates, criminal elements are finding new ways of hijacking your computing power to mine cryptocurrencies like Monero. In this most recent case, attackers are exploiting vulnerable MikroTik routers as a launch pad. More than 200,000 computers, mainly in Russia, Brazil and India, have been affected as a result.
The attack, which initially focused on Brazil, is spreading fast, according to the Trustwave researcher who first noticed it.
Monero, unlike Bitcoin, can easily be mined using ordinary PCs, providing hackers with unlimited ways to deploy malware. In this recent attack, a modified version of Coinhive was used.
Coinhive, which makes it possible to mine using browsers, has recently been used by charitable organizations for crowdfunding. As much as $250,000 is raised every month using Coinhive.
Cryptocurrencies, and especially privacy coins like Monero and Zcash, are particularly attractive to hackers because the transactions are untraceable.
With interest in cryptocurrencies growing in 2017 and 2018, criminals have shifted their focus from ransomware attacks to cryptojacking because it is more lucrative. A Symantec report recently indicated that this kind of attack had gone up a massive 8500%.
Although the manufacturer of MikroTik routers has long since issued a patch, thousands of users are yet to apply the fix, which means they are still vulnerable.
In addition, the vulnerability presents privacy concerns for users. Researchers at 360 Netlab discovered that some routers were directly forwarding user data.