Mining malware warning
Anyone who works with cryptocurrencies should be on their guard. It could be that hackers are already mining you.
In a recent analysis, researchers at NTT Security's Global Threat Intelligence Center (GTIC) report on malware designed exclusively for mining the anonymous cryptocurrency Monero. The malware is installed on the victim's computer or smartphone without them realizing it and, once installed, uses the computer's resources to mine cryptocurrencies. The hackers pocket the profit.
NTT Security has access to 40 percent of global Internet traffic and also analyzes information from a wide range of threat sources. Based on this data, the security-focused company was able to prove that cyber criminals primarily use phishing emails to gain access to computers, and unpatched vulnerabilities or backdoors to penetrate networks. GTIC researchers also found that legitimate mining services such as Coinhive can be abused to infect mobile games and websites. At the time of the analysis, they found around 12,000 examples of Monero mining malware.
Mining will continue to develop
"The acceptance and proliferation of digital currencies has made investing in cryptocurrencies a new way to make money. However, it has become increasingly time-consuming and costly to make a profit from cryptocurrency mining. Cyber criminals have therefore developed malware to overcome barriers to entry and generate profits for themselves," said Terrance DeJesus, of NTT Security. "Enterprises cannot ignore the threat of mining malware. Mining will undoubtedly continue to evolve and potentially be incorporated into other types of malware, such as banking Trojans and ransomware. Those who ignore the threat risk massive damage."
Measures
NTT Security recommends the following measures to minimize the risk of mining malware entering the IT environment:
- Conduct regular risk assessments to identify vulnerabilities
- Implement a comprehensive cyber security strategy with multiple layers of security to reduce exposure to threats
- Regularly update operating systems, applications and devices with the latest patches and deploy intrusion detection and prevention solutions to stop attacks
- Train employees on the proper way to handle phishing attacks, suspicious email links, unsolicited emails, and file attachments
- Proactively monitor network traffic to detect malware infections and ensure security
Source: NTT Security