Cryptocurrency mining botnets are helping cyber-criminals obtain easy money without most of us knowing it.
Cybercriminals are malicious, highly opportunistic people. They are continually looking for new ways to wreak havoc on systems or make quick money. And it is the latter motive, personal gain, that leads them to commit their misdeeds.
Throughout 2018 so far, examples such as Operation Prowli, ComboJack, Xbooster, Drupal, Digimine, Evrial, and FacexWorm all come to mind, as do companies that have specifically set out to help protect users, such as 360 Total Security.
This is also timely: ISACA says crypto-mining malware has outpaced ransomware attempts as of 2018, which has contributed to the rising trend of cryptojacking and mining bots.
For example, ransomware, with which a hacker holds your computer hostage until you send a payment, is often the method of choice when it comes to fast payments. In fact, ransomware is so popular that damage is estimated to reach $11.5 billion by 2019. There is a ransomware attack every 14 seconds worldwide, according to Cybersecurity Ventures.
More and more cyber-criminals are also massively adopting a new way of piling up illicit money: cryptocurrency mining botnets. They seem harmless compared to other types of attacks, but many of the victims of cryptocurrency mining botnets may not even know they are at the mercy of this attack.
Matt Downing of Alert Logic explained:
“This minting of cryptos is the most shameless thing, it is not something subtle. This has become 80% of the attacks we are seeing today. This is becoming an epidemic.”
Alert Logic analyzed 500,000 attacks targeting Oracle WebLogic (CVE-2017-10271). During the first two months, they saw coin-miner payloads about 80% of the time. The first attacks they saw (and the first attacks revealed publicly) were attempts to install miners.
What Are Crypto Mining Botnets?
Crypto-mining requires a great amount of computational power and specialized equipment, sometimes a combination of the two. And if you don't have access to extremely cheap energy, mining cryptocurrencies is not cost-effective.
But it can all be cheaper if you have a mining botnet do the work for you. These bots are now doing the heavy lifting for the malicious miners. Instead of chasing a single computer with limited processing power, mining botnets infect a lot of devices at once, including computers, smartphones and servers.
Cryptocurrencies such as Monero (XMR) are some of the most popular for this type of activity, due to their liquidity and the fact that they are significantly easier to mine than Bitcoin (BTC) or Ethereum (ETH).
One such incident involved the Smominru mining botnet, which hijacked more than half a million computers and forced them to mine more than $3 million in Monero (XMR). All this happened while the owners didn't even know what was going on.
Victims become infected with malware that uses the CPU power of their device to mine cryptos almost indiscriminately. Some devices are better than others, but since any device can do it, they are all equal targets. And the location of the victims is incidental, which opens up the range of victims for unscrupulous miners.
Infecting machines is easy. Botnets can enter a computer through phishing campaigns, a compromised website, or even a software download. And they can go unnoticed, as long as the CPU usage is not alarmingly high.
The proceeds go directly into the hacker's wallet. Unlike with ransomware, the victim is not extorted. Only their computational power is stolen. They may not even see an alarm signal until a huge electricity bill arrives at the end of the month. Or they start to wonder why their laptop's fan runs on overdrive.
The use of botnets for mining cryptos is also known as cryptojacking. This type of activity does not require interaction between the perpetrator and the victim. And instead of being a hit-and-run, high-return attack, it provides a sustainable way to make money slowly, as long as the botnets are not detected.
It is a low-risk, long-term way to accumulate illicit money. Payment is not high or immediate, but patient wrongdoers can earn millions of dollars over time.
Driving CPU usage to 100% for long periods of time carries a great risk of irreversibly damaging the device, and if that happens it will be of no use to the hacker. So attackers are now programming the CPU usage of their miners so that they can mine for longer and thus reap more sustainable benefits.
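For defenders, a miner that caps its CPU usage will not trip an alert that only looks for 100% spikes. The following is an added example, not part of the original article: a Python sketch that compares a naive spike alert with a check for long, flat runs of elevated CPU. The telemetry rows, the process names and the thresholds are all constructed assumptions.

```python
from statistics import mean, pstdev

def build_samples():
    """Constructed telemetry, one (minute, process, cpu_percent) row per minute."""
    rows = []
    for minute in range(60):
        rows.append((minute, "browser", 70.0 if minute % 15 == 0 else 5.0))   # brief bursts
        rows.append((minute, "backup", 95.0 if 10 <= minute < 20 else 0.0))   # heavy 10-minute job
        rows.append((minute, "updater-helper", 58.0 + minute % 3))            # steady, capped load
    return rows

def spike_alert(rows, threshold=90.0):
    """Naive check: any process that ever exceeds the threshold."""
    return {name for _, name, cpu in rows if cpu >= threshold}

def sustained_load(rows, floor=40.0, min_minutes=30, max_stdev=5.0):
    """Flag processes whose longest unbroken run above `floor` is long and flat."""
    series = {}
    for _, name, cpu in sorted(rows):
        series.setdefault(name, []).append(cpu)
    flagged = {}
    for name, values in series.items():
        best, run = [], []
        for cpu in values:
            # Extend the current run while the load stays above the floor.
            run = run + [cpu] if cpu >= floor else []
            if len(run) > len(best):
                best = run
        # Long duration plus low variation suggests a deliberately capped workload.
        if len(best) >= min_minutes and pstdev(best) <= max_stdev:
            flagged[name] = {"minutes": len(best), "mean_cpu": round(mean(best), 1)}
    return flagged

if __name__ == "__main__":
    rows = build_samples()
    print("spike alert:", spike_alert(rows))
    print("sustained load:", sustained_load(rows))
```

On this constructed data the spike alert fires only on the legitimate backup job, while the sustained-load check singles out the steady process; a flagged process is a lead to investigate, since long-running legitimate workloads can look the same.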
How To Prevent Mining Botnets
In most cases, proper cyber-hygiene can prevent businesses and individuals from becoming infected. If you are concerned about your personal computer becoming a target, you can also install an antivirus or ad blocker, or use another application, such as NoCoin or MinerBlock, as plugins for Chrome. There are also permission-based ones, like CryptoTab, that have been around and working for a few months.
Even if your system becomes infected, the code behind crypto-mining botnets is quite basic and should be easy for most to remove.
Mining botnets appear to be little more than a nuisance; however, the potential for much more severe attacks is latent. If hackers can hijack a smartphone or a computer, they could just as easily hijack a cloud, steal capacity, force business interruption, or put data and intellectual property at risk. So, please, always be careful.