According to the Cyber Threat Alliance’s (CTA) report, hackers have been hijacking computer processor power to mine cryptocurrencies such as Bitcoin and Monero, resulting in an increase in illegal cryptojacking of as much as 459%.
The Indian government was also recently targeted in a cyberattack intended to hijack processor power from government servers to mine cryptocurrencies, as reported by CCN.
Cryptojacking malware makes infected computers mine cryptocurrencies such as Monero. The software sends the funds to the hacker in a controlled way and slows down the computer, and users are mostly unaware that they have been compromised.
This significant upsurge in cryptojacking is associated with the leak of EternalBlue, a tool intended for exploiting default vulnerabilities in Windows-based systems. The Shadow Brokers group shared a pack of stolen NSA tools on the market in April 2017, and Windows and the NSA were responsible for this important leak.
As a matter of fact, the tools were being developed by the NSA for its own cyberattacks, and this sophisticated software was turned into highly challenging malware such as the widely known WannaCry ransomware, which disrupted critical services in hospitals, factories, and government facilities around the globe.
Neil Jenkins, who is the chief analytics officer for the CTA, indicated in a blog post that “A patch for EternalBlue has been available for 18 months and even after being exploited in two significant global cyberattacks – WannaCry and NotPetya – there are still countless organizations that are being victimized by this exploit, as it’s being used by mining malware.”
The pack was also incorporated into the development of malicious cryptocurrency mining software, and this evidently poses a challenge. Smominru, a Monero mining campaign, had made $2.3 million as of February 2018. Monero accounts for 85% of illegally mined cryptocurrency and Bitcoin for 8%, so XMR is the most popular currency among hackers. CTA researchers indicated that its anonymity helps “malicious actors hide both their mining activities and their transactions.”
This malware ran on outdated Windows software; thus, Microsoft accused the U.S. government of “stockpiling weapons for cyberattacks.”
Microsoft President and Chief Legal Officer Brad Smith clearly stated:
“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.”