Cryptocurrency mining botnets are becoming an epidemic
Cyber criminals are ingenious people. Highly opportunistic, I am continually looking for new ways to unleash chaos between systems or make money quickly. And it is the second reason, personal profit, which seems to feed the last flavor of the day. Cryptocurrency botnets are making cybercriminals easy money without most of us knowing about it.
When it comes to quick payments, Ransomware (through which a hacker holds a victim's computer hostage until payment is made) is often the method of choice. It is so popular, in fact, that damage is expected to reach $ 11.5 billion by 2019, with a Ransomware attack that will occur every 14 seconds, according to Cybersecurity Ventures.
However, just like the magpies drawn on a shiny silver piece, cybercriminals are flocking to a new way of accumulating their personal fortunes. Cryptocurrency mining botnet. It is simple, painless and probably relatively harmless compared to other types of attacks. In fact, the victims of cryptocurrency mining botnets probably will not even know they are infected.
Principal analyst at Logic Alert Matt Downing, a cybersecurity service provider, says: "The coin-mining phenomenon is really in your face, it's not thin, it's probably more than 80 percent of the attacks we see. . "
Alert Logic has analyzed 500,000 attacks addressed to Oracle Weblogic (cve-2017-10271). During the first two months, they saw the payloads of coin miners about 80% of the time. The first attack they saw (and the first publicly disclosed attacks) were attempting to install coin miners.
Yikes. This raises an important question …
What are the cryptocurrency mining botnets?
Cryptocurrency requires a large amount of computational power, specialized equipment or a giant mathematical brain. Sometimes a combination of these things. And if you do not have access to extremely cheap power, the mining cryptocurrency is not economically viable.
Unless you are programming, cryptocurrency botnets to do the work for you.
Think of them as a programmable army that makes the big lift for the evil miner. And here's the smart part. Instead of going behind a single computer with limited processing power, mining botnets infect a lot of devices simultaneously, including computers, smartphones, and servers.
"Monero is undoubtedly the most popular cryptocurrency for these types of businesses," says Downing. Perhaps because of its liquidity and the fact that it is much easier to dig than Bitcoin or Ethereum.
In fact, you could remember the Smominru mining botnet that hijacked over half a million computers and forced them to extract more than $ 3 million from Monero. All while their owners were blissfully unaware.
There is almost a beauty in the simplicity of cryptocurrency botnets and an egalitarianism to it. The victims are infected with malware that uses the CPU power of their device to extract the cryptocurrency almost completely indiscriminately.
Some devices are better than others, but since everyone can do it, they are all equal goals. And the position of victims is incidental, opening the pool of targets for unscrupulous miners.
And the profits? They are directed to the hacker's portfolio.
But unlike Ransomware, the victim will not be asked for money. They will simply take their computational power. They might not even see a red flag until a huge electric bill arrives at the end of the month. Or they start to wonder why their laptop fan is working on overdrive.
Sustainable profits
The use of cryptocurrency botnets or "encryption" does not require any interaction between the perpetrator and the victim. And rather than a surprise and high-profit attack, they provide a sustainable way of making money slowly, as long as botnets are not detected.
It is a low-risk, long-term way of accumulating money. The payment is not high or immediate, but like the Monero attacks, the patient players in space can earn millions of dollars over time if they are aware of it.
100% CPU ramp of the victim and may damage the device irreversibly. This would be useless for the miner and a huge red flag for the victim. But adjust the CPU just enough to take advantage of overtime and you have sustainable profits.
A call for businesses
Infecting machines are easy. Botnets can enter a computer through phishing campaigns, a compromised website or even a software download. And they can go unnoticed, as long as the CPU usage is not alarming.
Says Downing: "The immediate impact on companies is that, instead of doing whatever you want to do, your servers use 100% of use, extracting Monero for someone".
However, unlike a malicious virus or data theft, companies might think of these attacks as an alarm. The same mining botnets that suck up the CPU is not as much a problem as the fact of their entry.
"The number one thing to keep in mind is that when someone installs a coin miner, he was able to install a coin miner, so there's some kind of flaw in the system. a canary in the coal mine.There is some critical vulnerability, it could simply be something else, "warns Downing.
"It is important to note that the only intention of these botnets is coin-mining.There seems to be no secondary objectives." As mining botnets pales in importance compared to other viruses out there, the severity of these attacks is in question. .
It certainly is not as bad as going and encrypt life-saving devices in a hospital. But it is still causing a problem.
How to prevent botnet miners
In most cases, proper patch management and proper IT hygiene can prevent companies and individuals from becoming infected. "Simple patch management would block 90% of all these attacks and very often we'll be lucky.The destructive malware or data theft would be much more terrible and would use the same carrier.If you do not touch, you're probably doing the game changers and you might not even know it, "says Downing.
If you are worried about your personal computer becoming a target, you can also install an antivirus or an adblocker or use another application such as NoCoin or Minestrlock as a plug-in for Chrome.
Even if your system gets infected, the encoding behind the cryptocurrency botnets is pretty simple and should be simple for most system administrators to remove.
So, for now, these mining botnets seem to be little more than a nuisance, however, the potential for much more serious attacks is certainly there. If they manage to hijack a smartphone or computer, they could just as easily hijack a cloud, steal capacity, force business interruption, and endanger data and intellectual property.
reported
[ad_2]Source link