Carbon Black Study Claims Cryptojackers are Making Money Off Security Data Seizures
- With the prices of many altcoins (such as XMR, XRP) quite low at the moment, a number of ghost mining hackers are resorting to stealing individual metadata.
- The value of this metadata (according to many experts) is estimated to be worth more than a million dollars.
As per an all new report released today by cybersecurity firm Carbon Black, a widely used monero mining bot apparently contains a hidden module that has the ability to seize its users’ IP addresses, domain info, usernames, and passwords.
The botnet — called “Access Mining” — has allegedly been acquiring a host of sensitive customer data for over 24 months now. Not only that, it is also being reported that a couple of years back, more than 500k machines were infected with a XMR mining protocol called XMRig.
In this regard, it bears mentioning that most of the affected machines were located across Russia, Eastern Europe, and Asian Pacific.
At the time of the aforementioned attack, the 500,000 odd computers that were infected with the ghost protocol were also secretly infested with a data collection software.
Through the use of various open-source programs (on GitHub) like Eternal Blue and Mimikatz, the hackers were able to use XMRig to steal a huge amount of private information from their victims.
Till date, the hackers have been able to sell the aforementioned data across various dark web markets for a total of $1.69 million. Not only that, the infected machines can allegedly be rented for 24 to 48 hours (which serves as a source of passive income for the hackers.)
The rent, however, varies quite substantially depending upon the machine’s location and owner.