Cybercriminals use malware for cryptocurrency mining payloads

cryptomining

Cryptocurrency mining has replaced ransomware as the cybercriminals preferred method to make money.

Instead of demanding bitcoins to unlock computing devices encrypted by ransomware they quietly harness its CPU/GPU power to mine bitcoins. Get enough devices into a bitmining botnet and money starts flowing – or at least in theory.

Bitdefender has discovered a massive increase in global crypto miner reports (130.1%), showing cybercriminals intense interest in this new money-making scheme.

Cybercriminals can leverage remote code execution (RCE) vulnerabilities to deliver crypto-mining malware to targeted machines.

The leaked EternalBlue NSA exploit used in 2017 to spread the WannaCry ransomware to more than 150 countries. It recently targetted enterprise servers to mine cryptocurrency.

Embedded into the attack was worm-like behaviour dubbed WannaMine. It automatically spread through targeted infrastructure and loaded the mining software to other vulnerable servers.

These attacks can penetrate private and public cloud data centres. Massive hardware infrastructures that crypto miners yearn for.

Cryptocurrency miningWeb-based software – web scripts – injected into web pages can turn a visitor into a cryptocurrency miner directly from the browser. Crypto jacking mining script littered more than 50,000 legitimate websites. These effectively hijack visitor’s CPU.

GadgetGuy’s take – Cryptocurrency mining is for big business

While Bitdefender is correct in its observations, there is little for Joe and Jane Average to be concerned about. If they are unlucky enough to be infected (WannaCry etc. doors should have been shut by now), they will notice their devices slowing down, getting hot and possibly malfunctioning. Such is the drain on normal computers and smart devices.

What cybercriminals are looking for are the vast resources of private and public clouds to use the downtime or unused processing power.  They also want the free electricity needed to process blockchains.

If you are gullible enough to consider bitcoin mining as the next easy way to make money read this and weep.