Tag Archives: cryptocurrency

Your Company’s IT Resources are a Mine for Hackers

Blockchain technology was invented in early 2009 to support bitcoin, a new digital currency with a clear objective: make transactions without the need for traditional intermediaries. Invented by the enigmatic Satoshi Nakamoto, bitcoin kicked off the cryptocurrency boom. But as society’s interest in cryptocurrencies has grown, so has criminal interest, creating headaches for companies’ security departments.

The rise of cryptojacking

Mining cryptocurrency is necessary for the system to work. Mining consists of a series of computations performed to process transactions made on blockchains. It creates new cryptocurrency and confirms transactions along the blockchain network. To create more cryptocoins, it is necessary to mine them. Without mining, the system would collapse.

Many users themselves have begun mining cryptocurrencies as a way to make money. Miners perform mathematical operations to verify transactions, and to do so, they use special software. Therefore, for mining to be lucrative, it is necessary to have a great deal of computational power. To make money from mining, cybercriminals are turning to cryptojacking.

Cryptojacking consists of the unauthorized use of a user’s devices to mine cryptocurrency. Basically, attackers make use of malware to hijack computers, tablets or smartphones, for example, and use them to covertly mine cryptocurrency. The user will probably note some lag in their device, but won’t be aware that it’s due to an attack attemping to mine cryptocurrency. One of the most common techniques consists in taking control of the victim’s CPU or GPU from a website infected with malware to mine cryptocurrency, such as what happened recently with YouTube. In this case, the advertising agency DoubleClick was victim of an attack that hid a Coinhive cryptojacking script in the code of YouTube advertisements. Coinhive is the most commonly used script to carry out these types of attacks. A study by security researcher Troy Mursch detected 50,000 new infected websites with cryptojacking scripts, with 80% of them using Coinhive.

Another attack technique consists in using Microsoft Word’s online video function, which allows users to insert videos in documents without the need to embed them. In this case, attackers take advantage of this feature to insert malicious scripts and to covertly take control of the power of the victim’s CPU.

Background theft

Cryptocurrency has become the gold of the 21st century. As a result, we are set to see more attacks attempting to mine cryptocurrency. Now that IT teams and state security forces have their eye on ransomware attacks, cybercriminals are opting for more secure methods to make a buck and have begun stealing IT resources to mine.

The difficulty in detecting this type of attack is making it one of cybercriminals’ preferred methods to illegally line their pockets. These attacks are also becoming increasingly sophisticated in order to affect the greatest number of devices possible. The more computational power they steal, the faster they can mine. This is giving rise to attackers fighting each other over CPU resources. Cybercriminals are including a mechanism in their code to detect competing miners and eliminate them in order to take complete control over the CPU’s resources.

That’s why companies are becoming the prime objective of attackers in 2018. If they get access to a corporate network, they have an enormous amount of resources available to them.

How can a company protect itself from cryptojackers?

These attacks have serious consequences for businesses. The most evident consequence comes from stealing CPU cycles which can slow down systems and networks, putting business and the general system availability at risk. Furthermore, once a company has been attacked, it is likely that a lot of time, money and effort will be required to get rid of and correct the problem. Intensive cryptocurrency mining can also have financial repercussions for a company, as electricity bills can be quite a bit higher due to the high energy demand.

Additionally, these attacks can wreak havoc on corporate devices. If mining is performed over a prolonged period of time, devices and their batteries can experience extreme overheating which can the devices.

Of course, one should also not forget that being a victim of cryptojacking means that an attacker has gotten through security systems and has obtained control of the company’s devices, putting the company’s data privacy at risk.

To be protected from a possible cryptocoin mining attack, one should follow these security measures:

  • Perform periodic risk evaluations to identify vulnerabilities.
  • Regularly update all systems and devices.
  • Adopt advanced cybersecurity solutions that allow for a detailed visibility of activity on all endpoints and control all running processes.
  • Create a secure browsing environment, installing extensions that hinder cryptocurrency mining.

The post Your Company’s IT Resources are a Mine for Hackers appeared first on Panda Security Mediacenter.

Read More

Cryptojacking: the result of the “cryptocurrency rush”

Tools for mining cryptocurrencies also fall into this category, as in many cases the websites cannot warn users since they have been compromised themselves, hence even the administrators may not be aware that they are contributing to mining for the benefit of an attacker.

The post Cryptojacking: the result of the “cryptocurrency rush” appeared first on WeLiveSecurity

Read More

Cryptocurrency. A tool for criminals?

Cryptocurrencies had an exceptional year in 2017. Both the technology and the value of virtual currencies have experienced historic breakthroughs. At the same time, the rise of these digital currencies is causing serious concerns in the world of cybersecurity. Are cryptocurrencies mainly a tool for criminals?

What are cryptocurrencies?

Cryptocurrencies first appeared due to the need to make anonymous transactions. While the idea of a decentralized digital currency first came about in 1998, it wasn’t until 2009 when the first cryptocurrency was created: Bitcoin. Currently, more than 1,300 cryptocurrencies exist. Each one has a different origin and characteristics, but all are alike in that they are digital and attempt to ensure anonymity in transactions.

Cryptocurrencies guarantee a complete, balanced and secure way to make transactions. That’s why they are used as a currency for the exchange of goods and services. They can also be exchanged for money, including other cryptocurrencies. Some digital currencies are only used to buy certain types of goods or other cryptocurrencies, while the best-known cryptocurrencies, such as Bitcoin, Ethereum and Litecoin, can be used like regular money.

One of the most common concerns surrounding cryptocurrencies is the fact that they have to be mined. Many digital currencies are obtained through performing mathematical computations, and much like powering any other computer, cryptocurrencies are obtained through the energy expenditure these operations produce. The legality of cryptocurrencies is currently a hot topic. There are countries considering prohibiting the use of the digital assets, while in others they are stuck in a sort of legal limbo.

Blockchain and digital security

Naturally there are genuine concerns regarding the safety of cryptocurrencies. After all, one wonders if their digital foundation could be exploited by cybercriminals, or if there is a possibility of cryptocurrencies being hacked and created from scratch. As we explained earlier, the reality is cryptocurrencies are generally very safe. Although cracking the existing security of a cryptocurrency is mathematically possible, the cost of doing so is prohibitively high.

It would require more computer power than any large technology could possibly have. This is mostly due to the fact that cryptocurrencies use blockchain technology. A blockchain consists of a distributed database, and by design, blockchains are completely tamper-proof. To that effect, cryptocurrencies use trusted timestamping, which proves the exact time that data existed along the chain. Any altering or tampering of the timestamp would break the integrity of the digital currency and devalue it to zero.

Blockchain technology is extremely useful in cryptocurrency mining. So much so that without this technology, digital currencies would not exist or would be very different. Blockchain technology is the cornerstone of cryptocurrencies’ impenetrable defense as well as of their anonymity.

A tool for cybercriminals?

Cryptocurrencies’ solid defense is however a double-edged sword. The anonymity of cryptocurrencies is one of the most appealing aspects for cybercriminals. After all, a digital currency that assures transparency and a simple transaction would appear to be an ideal method of payment for outlaw hackers.

Currently practically all ransomware attacks ask for payment through Bitcoin or other cryptocurrencies. However, this is not the only appeal for cybercriminals. The “PandaLabs Annual Report 2017” states that cryptocurrency mining infections are set to increase in frequency.

One of the newest attacks consists of infecting browsers, causing users to behave like cryptocurrency miners. This sort of attack will probably only become more common. While theft or loss of a user’s cryptocurrency wallet is much more difficult, it is still possible. One example is the recent freeze of hundreds of millions of dollars’ worth of Ether, Ethereum’s digital currency.

Despite the unfortunate fact that the use of cryptocurrencies will probably always be linked to cybercrime, this is a mere unintended result. Cryptocurrencies continue to be of great use, despite their extreme volatility. There are increasingly more businesses and countries using digital currencies to exchange services or influence the economy in a secure way. That said, security can sometimes manifest itself in strange ways and have the opposite effect of its original intent, which can lead to catastrophic consequences for a company if it is not well prepared.

The post Cryptocurrency. A tool for criminals? appeared first on Panda Security Mediacenter.

Read More

Cryptocurrency scams on Android: do you know what to watch out for?

The recent rise in cryptocurrency scams appearing on the Android platform in disguise has shown that such incidents are not exclusive to PCs and also highlight the importance of knowing what to look out for so you do not unintentionally take part.

The post Cryptocurrency scams on Android: do you know what to watch out for? appeared first on WeLiveSecurity

Read More

US and UK government websites hijacked to mine cryptocurrency on visitors’ machines

If undetected by a user’s security solution or content- or ad-blocker, the script ran in the background unbeknown to the user until the webpage was closed. A number of the affected websites, including that of the ICO, were also offline for hours in the aftermath of the attack.

The post US and UK government websites hijacked to mine cryptocurrency on visitors’ machines appeared first on WeLiveSecurity

Read More

Watch Out! New Cryptocurrency-Mining Android Malware is Spreading Rapidly


Due to the recent surge in cryptocurrency prices, threat actors are increasingly targeting every platform, including IoT, Android, and Windows, with malware that leverages the CPU power of victims’ devices to mine cryptocurrency.

Just last month, Kaspersky researchers spotted fake antivirus and porn Android apps infected with malware that mines Monero cryptocurrency, launches DDoS attacks, and performs several other malicious tasks, causing the phone’s battery to bulge out of its cover.

Now, security researchers at Chinese IT security firm Qihoo 360 Netlab discovered a new piece of wormable Android malware, dubbed ADB.Miner, that scans wide-range of IP addresses to find vulnerable devices and infect them to mine digital cryptocurrency.

According to the researchers, ADB.Miner is the first Android worm to reuse the scanning code programmed in Mirai—the infamous IoT botnet malware that knocked major Internet companies offline last year by launching massive DDoS attacks against Dyndns.

ADB.Miner scans for Android devices—including smartphones, smart TVs, and TV set-top boxes—with publicly accessible ADB debug interface running over port 5555 and then infects them with a malware that mines Monero cryptocurrency for its operators.

Android Debug Bridge (ADB) is a command-line tool that helps developers debug Android code on the emulator and grants access to some of the operating system’s most sensitive features.

It should be noted that almost all Android devices by default come with the ADB port disabled, so botnet would target only those devices that have manually been configured to enable port 5555.

Besides mining Monero cryptocurrency, ADB.Miner installed on an infected device also attempts to propagate itself by scanning for more targets on the Internet.

Researchers did not reveal exactly how or by exploiting which ADB flaw hackers are installing malware onto Android devices.

However, the researchers believed hackers are not exploiting any vulnerability that targets any specific device vendor since they found devices from a wide range of manufacturers impacted.

According to the researchers, the infection started on January 21, and the number of attacks has increased recently. As of Sunday, the researchers detected 7,400 unique IP addresses using the Monero mining code—that’s more than 5,000 impacted devices in just 24 hours.

Based on the scanning IP addresses, the highest number of infection has been noticed in China (40%) and South Korea (31%), the researchers estimated.

In order to fight against such malware Android users are advised not to install unnecessary and untrusted applications from the app store, even from Google Play Store, and keep your devices behind a firewall or a VPN.