Attackers Compromise 50,000 Servers Worldwide To Mine Virtual Currencies
- Attackers are currently using new methods to infect users and mine virtual currencies
- The methods used are becoming more powerful and damaging
According to a new report released by the cybersecurity firm Guardicore Labs, hackers were able to breach over 50,000 servers around the world and start mining virtual currencies. The attack was carried out using an unusually sophisticated method.
Hackers Mine Digital Currencies After Massive Security Breach
As per the report released by Guardicore Labs on May 29, this large-scale malware attack was able to infect 700 new victims a day. There have been several targets, including firms in the healthcare, telecoms, media and IT sectors.
The cybersecurity firm was able to find 20 different malicious payloads in the malware over time. The report stated that new ones were created at least once a week. It was also possible for the attacker to install a rootkit that prevented the malware from being removed.
Guardicore explained that the attack used very sophisticated tools such as those that nation states use.
This shows that hackers and attackers are becoming stronger and more dangerous than ever before. The firm said that the package was written in Chinese and used Chinese language servers. The company explained in its report:
“The Nansh0u campaign is not a typical crypto-miner attack. It uses techniques often seen in APTs such as fake certificates and privilege escalation exploits.”
APT stands for advanced persistent threat, and the term refers to the way in which the attackers targeted their victims.
Previously, the kinds of tools used by the attackers were available to only a few parties. Nonetheless, this attack shows that these tools can now fall into the hands of less than top-notch attackers.
Moreover, the firm explained that strong credentials are vital in protecting companies’ assets and their integrity. This campaign also demonstrates that passwords comprise the weakest link in today’s attack flows, according to the report. Organizations should have strong credentials and network segmentation solutions to be protected at all times.
As we wrote a short time ago at Bitcoin Exchange Guide, SIM swapping attacks have spread in the United States, affecting a large number of users. One of them, a recognized developer, lost $100,000 he had on Coinbase due to this attack.