Get short URL
The illegal mining of cryptocurrencies has increased by 459% year on year in 2018, a report revealed – and much of the wave is due to software defects originally identified and exploited by the National Security Agency (NSA).
Review indicates a 629% increase in coin mining malware in the first quarter of 2018, with nearly three million examples detected. Monero was the main target, accounting for 85% of all illegal encryption – Bitcoin accounted for a comparatively insignificant eight per cent of the illicit mining market, all other seven cryptocurrencies.
Only Way is Up
The increase is in a sense gravitational: by definition, anything with a monetary value attracts criminal activities and, as the use and value of the cryptocurrency have grown , has a nefarious interest for the good. Furthermore, cryptocurrencies play an increasingly important role in the "dark web" markets for illicit goods such as drugs, weapons, stolen data and the like, due to the anonymity they theoretically provide.
AP Photo / Ahn Young-joon
A man observes bitcoin prices at the Bithumb cryptocurrency exchange in Seoul, South Korea, Wednesday 20 June 2018
While the report notes that most cases of illicit extraction are relatively unsophisticated, often exploiting spam and phishing e-mail campaigns. However, in an ironic way, even the growth of illegal cryptography has been greatly facilitated by the loss of EternalBlue, an exploit of Microsoft Windows security vulnerabilities originally developed by the NSA, in 2017.
The vulnerability exploits Microsoft Server Message Block 1.0, a network file sharing protocol and allows applications on a computer to read and write to files and request services on the same network.
When the instrument was leaked in 2017 the hackers found a flaw in the NSA software, allowing them to manipulate the power of other computers to extract the cryptocurrency.
Tangled Up in Blue
The exploit became so widely used by the Microsoft hackers transferred to release a "critical" security update, extending also to the Windows XP operating systems, which the technology giant officially ceased to support in 2014.
Links exposed between "Regin" malware and QWERTY Spy Tool NSA
However, the company's efforts have done little to undermine its prevalence in cyberattacks. The elements of exploit have even been intertwined in two common Trojans – Retefe and TrickBot – used in various email phishing campaigns addressed to companies and individual users, allowing a much more effective spread of viruses through computer networks. The mischievous couple was used to attack banks in Austria, Sweden, Switzerland, Japan and the United Kingdom.
EternalBlue was also critical to the infamous "WannaCry" worldwide computer attack in May 2017, which targeted computers that were running Microsoft Windows by encrypting data and requesting redemption payments from users in the form of Bitcoins. –
In the wake of the attack, Microsoft firmly condemned the NSA, and governments in general, to grab vulnerabilities, urging nation state actors to report vulnerabilities to sellers "rather than accumulate, sell or exploit them."
"This attack provides another example of why governments' accumulation of vulnerability is a problem of this kind, an emerging model in 2017. We have seen archived vulnerabilities stored by the CIA on Wikileaks and now this vulnerability is subtracted from the NSA. has hit customers all over the world: repeatedly, exploits in the hands of governments have been leaked into the public domain and have caused widespread damage. An equivalent scenario with conventional weapons would have been the US army that stole some of its missiles Tomahawk should consider this attack as an alarm bell, must take a different approach, adhere to cyberspace to the same rules applied to weapons in the physical world [and] consider the damage to civilians resulting from the hoarding of these vulnerabilities and from the use of these exploits, "said company president Brad Smith