Warning! Am I under a crypto mining attack?

pexels-photo-97077.jpeg Image source: pexels.com

Is your computer performance being affected lately! Read the following research to known some articles about a new threard: Cryptojacking!

The security firm Trustwave reported than more than 170,000 devices were hacked last month in Brazil. This wide-scale cyberattack was launched on MicroTik routers. The effort led to the installation of the Coinhive mining software in a "mass" infection of more than 17,000 devices mostly in Brasil but also affecting devices in other locations.

Cryptojacking utilizes code hidden on websites or devices to attack victims' computing resources such as their central processing unit and bandwidth to mine cryptocurrencies. This attack ended up costing site visitors up to 99% of their CPU processing power, leading to further issues for consumers as their devices generated more heat and used up large amounts of electricity.

Coinhive offers a JavaScript miner for the Monero (XMR) Blockchain that can be embed in a website. Users run the miner directly in their Browser and mine XMR for you in turn for an ad-free experience, in-game currency or whatever incentives you can come up with.

This is not an isolated event, in July 3, 2018, Mawarebytes.com reported in a post by Jérôme Segura, an in-browser mining attacked has continued to affect a large number of websites, predominantly relying on Coinhive’s infamous API. They documented several situations, where attackers are taking advantage of vulnerabilities in popular Content Management Systems (CMS) to compromise websites and push payloads both client- and server-side. Their research led them to catalogue several hundred sites using a variety of CMS all injected with the same obfuscated code that uses Coinhive’s shortlink to perform silent drive-by mining.

According to a post by Trustwave, co-authored by Simon Kenin, Coinhive attack gained traction in 2017 as a service that claimed to provide monetizing solutions for websites without using any advertisements. Instead, site owners were to embed JavaScript code that would take hold of the central processing unit (CPU) power of site visitors to mine the cryptocurrency Monero.

Simon Kenin also wrote that all of the devices used "the same key", indicating that one entity stole the mined tokens from all of the devices. Trustwave has since released a detection tool to block the mining malware readers should patch any MikroTik devices "as soon as possible," emphasizing that the severity of the attacks could reach "hundreds of thousands" of consumers around the globe.

Simon Kenin also reports that illicit cryptocurrency mining operations such as these are "a trend we've been seeing a lot of over the last three years, as attackers shift from ransomware into the world of miners."
Skybox Security reported in their 2018 mid-year update that among cybercriminals, crypto mining now accounted for 32% of all cyberattacks.

In summary, be aware of those sites offering free money or crypto! Most likely they attempt to instal malware in your computer. Cryptojacking is just a new and very well recompensed attack.

H2
H3
H4
3 columns
2 columns
1 column
Join the conversation now
Logo
Center