Cryptocurrency Mining Botnets Are Becoming An Epidemic
Cybercriminals are ingenious folk. Highly opportunistic, they’re continually on the lookout for new ways of wreaking havoc among systems or making a fast buck. And it’s the latter motive–personal profit–that seems to be fueling the latest flavor of the day. Cryptocurrency mining botnets are making cybercriminals easy money without most of us even knowing.
When it comes to quick payouts, Ransomware (by which a hacker holds a victim’s computer hostage until payment is sent) is often the method of choice. It’s so popular in fact that damages are predicted to reach $11.5 billion by 2019, with a Ransomware attack happening every 14 seconds, according to Cybersecurity Ventures.
However, just like magpies drawn to a shiny piece of silver, cybercriminals are flocking to a new way of amassing their personal fortunes. Cryptocurrency mining botnets. It’s simple, painless, and arguably relatively harmless when compared to other types of attacks. In fact, victims of cryptocurrency mining botnets probably won’t even know they’re infected.
Matt Downing, Principal Analyst at cybersecurity provider Alert Logic, remarks, “The coin mining phenomena is really in your face, it’s not subtle. It’s probably more than 80 percent of the attacks we see. I would say it’s something of an epidemic.”
Alert Logic analyzed 500,000 attacks targeting Oracle WebLogic (CVE-2017-10271). Over the first two months, they saw coin miner payloads approximately 80 percent of the time. The very first attack they saw (and the first publicly disclosed attacks) attempted to install coin miners.
Yikes. That raises an important question…
What Are Cryptocurrency Mining Botnets?
Mining cryptocurrency requires a vast amount of computational power, specialist equipment, or a gigantic mathematical brain. Sometimes a combination of these things. And if you don’t have access to extremely inexpensive power, mining cryptocurrency simply isn’t cost-effective.
Unless you program cryptocurrency mining botnets to do the job for you.
Think of them as a programmable army that does the heavy lifting for the malicious miner. And here’s the clever part. Instead of going after just one computer with limited processing power, mining botnets infect a bunch of devices at once, including computers, smartphones, and servers.
“Monero is hands down the most popular cryptocurrency for these types of activities,” Downing states. That is perhaps due to its liquidity and the fact that it’s significantly easier to mine than Bitcoin or Ethereum.
In fact, you may remember the Smominru mining botnet that hijacked over half a million computers and forced them to mine more than $3 million of Monero. All while their owners were blissfully unaware.
There’s almost a beauty in the simplicity of cryptocurrency mining botnets and an egalitarianism to it. Victims are infected with malware which uses the CPU power of their device to mine cryptocurrency almost completely indiscriminately.
Some devices mine better than others, but since they can all do it, they are all equal targets. And the victims’ location is incidental, opening up the pool of targets for unscrupulous miners.
And the profits? They get directed to the wallet of the hacker.
But unlike Ransomware, the victim won’t be asked for money. They’ll simply be lending their computational power. They may not even see a red flag until a huge electricity bill arrives at the end of the month. Or they start wondering why their laptop fan is working on overdrive.
Using cryptocurrency mining botnets or “cryptojacking” doesn’t require any interaction between the perpetrator and the victim. And rather than a hit-and-run, high-profit attack, they provide a sustainable way of making money slowly–so long as the botnets go undetected.
It’s a low-risk, long-term way of accumulating money. The payout isn’t high or immediate, but like the Monero attacks, patient players in the space can make millions of dollars over time if they’re sensible about it.
Ramp up the victim’s CPU to 100 percent and they risk damaging the device irreversibly. That would be no use to the miner and a huge red flag to the victim. But tweak the CPU just enough that it can mine over time and you’ve got sustainable profits.
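For defenders, the throttling described above means an alert that fires only when CPU is pinned near 100 percent will miss a miner that holds a steady lower level. The following is an added example, not part of the original article: a small detector for long, flat CPU plateaus, where the thresholds (60 percent floor, 30 samples, standard deviation of 5) and the sample data are assumptions chosen for illustration.

```python
from statistics import mean, pstdev

def saturation_alert(samples, threshold=95.0):
    """Naive check: fire only when CPU is pinned near 100 percent."""
    return any(v >= threshold for v in samples)

def find_plateaus(samples, floor=60.0, max_stdev=5.0, min_len=30):
    """Return (start, end, average) for each run where CPU stays at or above
    `floor` for at least `min_len` consecutive samples with little variation."""
    samples = list(samples)
    runs, start = [], None
    for i, v in enumerate(samples + [-1.0]):  # sentinel closes a trailing run
        if v >= floor:
            if start is None:
                start = i
        elif start is not None:
            window = samples[start:i]
            # Long and flat: short bursts and noisy workloads are ignored.
            if len(window) >= min_len and pstdev(window) <= max_stdev:
                runs.append((start, i - 1, round(mean(window), 1)))
            start = None
    return runs

# Constructed one-minute CPU percentages, not real telemetry.
# A bursty host: mostly idle with brief spikes to ~100 percent.
BURSTY_HOST = ([8, 12, 10, 9] * 5 + [100, 98, 99]) * 3
# A throttled host: an hour held steadily around 75 percent.
THROTTLED_HOST = [9, 11, 10] * 4 + [74, 76, 75, 77, 73] * 12 + [10, 9]

if __name__ == "__main__":
    for name, data in (("bursty", BURSTY_HOST), ("throttled", THROTTLED_HOST)):
        print(name, saturation_alert(data), find_plateaus(data))
```

A plateau is only a lead: legitimate long-running jobs such as rendering or backups look the same, so the next step is identifying which process owns the load.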