Crypto-Jacking Malware and How Criminals Use Business Networks for Cryptocurrency Mining
Crypto-jacking malware is a new cyber threat that has been found on systems and servers within business networks, on websites and on many IoT (Internet of Things) devices. It lets criminals use business networks for cryptocurrency mining.
The notable thing about this malware, and other malware of the same genre, is that it takes control of your system’s CPU without you knowing it is happening. The hacker then uses the captured CPU to carry out cryptocurrency mining.
Cyber security experts point out that hackers are now using crypto-jacking malware to make easy money and are also coming up with new tactics and techniques.
In fact, hackers adopt many ways of carrying out cryptocurrency mining. Let’s take a look at some of the techniques they use:
Using botnets: Hackers use classic botnets for cryptocurrency mining as well. There were reports recently about the Satori botnet, which is built from IoT devices, being used to break into legitimate cryptocurrency mining and helping hackers make a quick buck.
Using cloud services: Hackers sometimes take control of cloud services or tools and use them to carry out cryptomining. In one recent instance, a hacker gained control of Kubernetes, an open-source cloud-services management tool, and then installed cryptomining malware on the Kubernetes console owned by car maker Tesla. Tesla, which depends on AWS (Amazon Web Services) for executing its business operations in the cloud, had left open a path for a hacker to get in and gain control over Kubernetes.
Using government websites: Hackers use many government websites to carry out cryptocurrency mining. They get access to a script in software that government websites use and inject malicious code into that script, in effect converting the software’s server into cryptomining malware.
Using NSA cyberweapons: This is one of the favorite techniques adopted by hackers for cryptocurrency mining. They simply use NSA cyberweapon code to get into business networks and deliver cryptocurrency malware. Hackers have exploited the NSA cyberweapon code EternalBlue for such purposes.
Using website hosting servers: Hackers use website hosting servers for cryptocurrency mining; they convert the websites themselves into coin miners. Analysts have found that the trend of turning website hosting servers into coin miners is on the rise.
Using Chrome browser extensions: Hackers tend to use Google Chrome browser extensions to inject cryptomining code. Quite recently, experts discovered almost 90 malicious Chrome extensions in the official Chrome store that were designed to inject cryptomining code and record browsing activity.
Using critical infrastructure: Hackers sneak into the critical infrastructure of different countries and then use it to carry out cryptocurrency miner attacks on people. They could take control of infrastructure in the energy sector, the utilities sector or any other such sector and then plan cryptocurrency mining targeting customers in these sectors.
Julia Sowells
Julia Sowells has been a technology and security professional. With a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, written technical articles, and worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm in her role as security consultant while continuing to write for Hacker Combat in her limited spare time.