Cryptocurrency miners: A replacement for ransomware, ZDNet
Attackers are turning away from ransomware te favor of fraudulent cryptocurrency mining — and your IoT devices might be their future metselspecie cows.
By Charlie Osborne for Zero Day | January 31, 2018 — 16:00 GMT (08:00 PST) | Topic: Security
Ransomware has caused little more than heartache and disruption for the enterprise and consumers alike, but it may soon lose its lucrative appeal ter favor of cryptocurrency miners.
More security news
Overheen the last few years, ransomware, which targets systems, encrypts files, and requests a blackmail payment ter terugwedstrijd for a potential decryption key, has succesnummer the zoeklicht time and time again.
The UK’s National Health Service (NHS), major shipping companies, utilities, private businesses, and consumers at large have all fallen prey to variants including Petya, WannaCry, GoldenEye, and CryptoLocker.
This type of malware capitalizes on unpatched PCs, legacy operating systems, and vulnerabilities both old and fresh.
However, according to Cisco Talos researchers, cryptocurrency miners may soon take the top spot spil a way for fraudsters to generate income.
Cryptocurrency mining software is not malware. The software itself is used to leverage computing power — such spil a visitor to a webpagina’s CPU — to mine for cryptocurrency such spil Monero.
The Pirate Bay ran a trial with miners to see whether revenue generation based on borrowed CPU power could substitute ads, but the test faced backlash spil user consent wasgoed not requested.
According to Adguard, Two.Two procent of the top 100,000 websites on Alexa are now mining through user PCs and many of which are not asking for user permission, which has led to many antivirus providers branding the software spil nuisanceware.
It is not just legitimate webstek operators who are looking to metselspecie te on cryptocurrency, however.
Talos researchers say that spil the value of cryptocurrency resumes to surge, “mining-related attacks have emerged spil a primary rente for many attackers who are beginning to recognize that they can realize all of the financial upside of previous attacks, like ransomware, without needing to actually engage the victim and without the extraneous law enforcement attention that comes with ransomware attacks.”
Overheen the past several months, the research team has noticed a wave of fresh attacks designed to take advantage of the rente te cryptocurrency, spil well spil a “marked increase” te cryptocurrency mining software which has bot delivered to PCs spil a malicious payload.
A cryptocurrency miner delivered spil a malicious payload, dubbed Dark Test, has bot spotted ter the wild, and ter addition, the Equipment exploit lijm has bot delivering miners through smokeloader overheen the past few months.
Internet of Things (IoT) devices, te particular, are an attractive target spil they lend computing power which is far less likely to be noticed by a victim.
While often limited, IoT devices — such spil brainy lighting, appliances, and security systems — are not usually directly overseen by users, and so may generate income for attackers for long periods of time.
Talos estimates that an average compromised system which is running cryptocurrency mining software and depositing the proceeds into attacker wallets will generate toughly $0.28 te Monero vanaf day.
This doesn’t sound like much, but once you enslave 2000 systems, this could equate to $568 vanaf day or overheen $200,000 vanaf year.
“This is all done with minimal effort following the initial infection,” the team notes. “More importantly, with little chance of being detected, this revenue stream can proceed ter perpetuity.”
Talos noticed Chinese and Russian criminals discussing cryptocurrency miners te 2016, and the latter has begun developing and selling mining packages overheen the past six months, spil well spil touting access to compromised systems for the foot purpose of cryptocurrency mining.
Some botnets, such spil Satori, can enslave millions of devices at a time. If a botnet concentrates on IoT devices and each one is mining for cryptocurrency, the possibilities for fraudulent income are endless.
Ter one campaign utilizing a cryptocurrency mining botnet noticed by the team, the attacker amassed enough computing resources to mine cryptocurrency worth $184,000.
“Once the currency is mined, there is no telling what the attacker might do with it,” Talos says. “This could become a long-term investment (or even retirement) scheme for thesis attackers — sitting on this currency until it hits such a point where the attacker determines to metselspecie ter.”