In our last blog we looked at the recent Thailand-based bitcoin mining scam; an audacious fraud that cheated its customers out of around $1.35m. In this blog we’re going to explore why crypto-mining attacks are now not only as popular with cybercriminals as malware has traditionally been but is also growing, according to industry experts Kaspersky Lab by around 50% during 2018.
We believe the reason is simple.
While the value and usage of cryptocurrency continues to grow, so do the benefits of mining. Once attackers manage to get into a system, their work will sit undetected in the background. In the majority of cases the only clue to their existence is an overworked cooling fan which most users would consider to be normal.
It is believed there are currently 3 very different groups involved in crypto-mining, all with their own techniques.
The first targeted 10,000 computers by ‘process hollowing’; the hackers created a process in isolation then, later, replace that process image with an invisible but malicious task. The second scouted specific targets, eventually settling on Monero coins. The third focused on creating ‘miner kits’ to sell online.
While the second group went after particular types of machines to steal Monero’s coins, most crypto-miners aren’t as targeted because despite the growing threat posed by crypto-miners, very few networks have adequate defences in place. This means any type of attack is still almost always going to go undetected.
This belief is borne out by a recent article in The Guardian. They recently reported thousands of websites owned and operated by the UK government were recently bushwhacked by rogue mining code while tech website Ars Technica reported attackers had breached one of Tesla’s Amazon clouds to successfully install mining software.
So if the techniques being practiced by cyber criminals are imperceptible to the point of invisible, how do you protect yourself? The first thing we’d suggest is, if you believe you are at risk, give your employees some pointers as to what to watch out for so they can be more vigilant.
Secondly, brief your IT team on what they need to do in terms of monitoring unusual activity, e.g. sudden peaks in energy use, CPUs apparently working harder than normal or inexplicable drops in network performance. To reduce the risk of human error, it may also be worth investing in automatic monitoring and detection tools if you believe your company is a particularly high risk.
If you have been the victim of a a crypto-mining scam or feel you are at risk of being targeted, please call us today on 020 7792 5649 or email us at This email address is being protected from spambots. You need JavaScript enabled to view it..
We will help.
