Researchers say that as the price of cryptocurrencies rises, so does the amount of illegal mining detected in the wild.
Cryptocurrencies have become the preferred means for many threat actors to monetize cyberattacks. Perhaps the best-known cryptocurrency applications, including Bitcoin (BTC), Ethereum (ETH), and Monero (XMR) in the criminal territory, are when ransomware payments are made, but more secretly, Cryptocurrency mining is also a problem.
When deployed on a PC or unsecured server, cryptocurrency mining malware quietly sucks up computing resources to generate cryptocurrencies and sends them to operator-controlled wallets.
The most common form of this malware, also known as cryptojacking, can be started as a legitimate program before it is twisted for criminal purposes, but in reality it includes Coinhive, Jsecoin, XMRig, Cryptoloot, and so on.
Cyber attackers sought the best returns in their time, and in a topical survey published Wednesday, Cisco Talos researchers sought to define a link between crypto jack rates and crypto prices.
Monero was selected as the target cryptocurrency, and the cryptocurrency activity of this coin was analyzed for its value from November 2018 to June 2021.
“Monero is popular for illegal mining for a variety of reasons, but two important points are: It’s designed to run on standard, non-special hardware, so it’s defenseless for users around the world. It’s perfect for installing on a friendly system. It’s privacy-oriented. ”
Talos says the value of this cryptocurrency has fluctuated over the years, but in fact, like many other cryptocurrencies, its price has risen since late 2020 until now, when it experienced a pullback. I am.
Next, researchers applied a network-based crypto jack detection tool that monitors Monero in millions of events related to crypto mining.
According to the team, not only have they “flirt” to see how common cryptojacking has been since 2018, but except for price cuts in early 2021, “graphs are much like the value of currencies. Will be tracked. ”
“This was honestly a pretty surprising correlation, as malicious attackers are believed to need a significant amount of time to set up mining operations, so switch as soon as the value goes up. It’s rare to switch between and start mining, “says Talos. “This may still be the case for some of the threat actors deploying miners, but there are many others who are chasing money based on real-world data.”
However, given cryptocurrency mining and trading crackdowns around the world, threat attackers may pay attention to the following major issues as the crypto jack environment becomes more difficult or less profitable: there is.
“Cryptomining detection can spread to many locations, including blocking mining-related domains, enforcing end-system restrictions that prevent mining from starting, and many network-based detections on which this study is based. Yes, “says Talos. .. “Regardless of the detection point, organizations need to work to prevent it.”
Previous and related coverage
Do you have any hints? Securely contact via WhatsApp | +447713 025 499, or key-based signal: charlie0