Crypto-jacking is offering nation-state hackers a lure for their most damaging attacks, Microsoft warned in a report on Monday.
The company’s intelligence team said a group called BISMUTH hit government targets in France and Vietnam with relatively large monero mining trojans this summer. Mining the cryptocurrency generated cash for the group but also distracted the victims from the real BISMUTH campaign: credential theft.
Crypto-jacking “has allowed BISMUTH to hide its most nefarious activities behind threats that may be perceived as less alarming because they are” commodity “malware,” Microsoft concluded. He said the showiness of the monero mines fits the MO of BISMUTH’s “hiding place in plain sight”.
Microsoft has advised organizations to remain vigilant against crypto-jacking as a possible decoy tactic.