Cryptojacking Hackers are Targeting Highly Trusted and Trafficked Indian Govt Sites for Mining Power
Cryptojacking Activities Now Targeting Indian Government Websites for Crypto-Mining Power
According to a report by the Economics Times on September 17th 2018, Indian government websites are now popular cryptojacking avenues. This was to some extent inevitable given the country’s vibrant crypto & blockchain community.
For those who might don't know the term ‘cryptojacking’, it involves a malware infection that can divert a computer’s processing power to mine crypto coins. This is done without the approval or knowing of the owner. Clearly, the practice is not market friendly and may result to an unfair digital asset distribution.
The latest research conducted on India’s government agencies that have been ‘cryptojacking’ victims is quite shocking. Hackers have gone to the extent of using local government municipal websites for crypto mining activities. A good example is the Macherla municipal, Tirupati Municipal, Andhra Pradesh municipal administration director’s website.
Indrajeet Bhuyan, an Indian based researcher within the security arena told the Economic Times,
“Hackers target government websites for mining cryptocurrency because those websites get high traffic and mostly people trust them. Earlier, we saw a lot of government websites getting defaced (hacked). Now, injecting cryptojackers is more fashionable as the hacker can make money.”
The Times further revealed that the vulnerable platforms within India’s authority websites were initially discovered by Bhuyan, Sarma Anish & Ahmed Shakil. The websites identified as cryptojacking targets interestingly were subdomains of the “ap.gov.in”, India’s government domain. Hackers may have identified these platforms as potentials given their high traffic which is roughly 150,000 monthly.
India’s mining community is highly active; the Economic Times reported that cryptojacking website victims can appear in over 110 searches. In addition, the casualties are not only the government entities but other enterprise related websites too. The most popularly mined coin via the web browsers is Monero (XMR), made possible by a Coinhive protocol designed to mine the XMR altcoin.
Fortinet was cited by the Economic Times in its report on stats involving the rise of cryptojacking activities. According to the report, cryptojacking became twice as rampant between the Q4 of 2017 and the beginning of 2018. The cases of cryptojacking victims reported by enterprises rose from a low of 13% to a high of 28%.
Rajesh, a Fortinet employee, told the Economic Times that hackers often end up reducing mining cost by cryptojacking. They do this at ease with only having to divert the power attention on a running website using ransomware and mine crypto coins instead. Mr. Rajesh further noted that websites used for streaming illegal content are more vulnerable to cryptojacking activities as multiple CPU cycles can be made of use by the script in the process.
Cryptojacking activities appear to be moving to the Internet of Things (IoT) space according experts in the security wing. The Economic Times supported this report by sentiments on the potential power supply by idle IoT devices towards cryptocurrency mining activities. As it stands, over 13,000 Indian based routers have already been malware infected to enable cryptojacking. The country comes second to Brazil which seems to be more crypto-mining oriented.
The most recent general report on cryptojacking activities worldwide shows an over 600% increase within 2018 according to McAfee cyber security firm.