Is Cryptojacking the next wave of cybercrime?

Over the last year and a half, we have seen a rise in ransomware attacks. Some of the big ones were Wannacry (it used Eternal Blue, a package that was created to exploit a vulnerability in Microsoft’s Server Message Block). This vulnerability was discovered by the US National Security Agency (NSA), but rather than report it to Microsoft, they kept quiet and used it to create an exploit for their own use), and NotPetya – a fake update to one of the most popular tax software packages in the Ukraine. [1]

Wannacry spread to 150 countries virtually overnight, NotPetya (named as such because it initially looked like a variant of Petya but turned out to be more destructive) spread to over a hundred countries in a few days.

Pay-outs were low, but damage high. A lot of variants sprung up and so did ransomware as a service, many demanding Bitcoin as a payment.

With the emergence of cryptocurrencies like Bitcoin, many people jumped on the crypto-mining bandwagon, buying up graphics cards (GPUs) to perform mining operations from their homes. Mining is a validation of the transactions that have taken place between parties. For their efforts, successful miners earn rewards in the currency they validated. Continued mining can thus be seen as an annuity income with a 100% hit rate, whereas ransoms are typically one-shot deals with very few victims actually paying.

For many years there has been a benevolent and opt-in use of personal computing power in the form of distributed computing. A person joins a project (such as cancer research, climatology, and astronomy), downloads a portion of the research, processes it using their personal computer and uploads the results.

Combine this distributed processing with crypto mining and you get cryptojacking. Criminal elements hire botnets, or use malware to create their own, and infect those systems with mining programs. Others hide mining scripts in compromised websites. These scripts and malware steal low levels of processing power as well as minimal resources to try and stay under the radar. The sheer number of infectible machines make economies of scale a viable proposition.

Given these circumstances, cryptojacking maybe the next big wave of cybercrime.

 

References:

[1] https://www.techrepublic.com/article/the-top-10-worst-ransomware-attacks-of-2017-so-far/

The following two tabs change content below.

Andrew Smith

Andrew is a senior systems-engineer with over 20 years experience in corporate and small business environments. This includes consulting for large ICT service providers. He has supported systems at every level in the organization, including infrastructure, operating systems, applications, and perimeter protection. He also collaborates with software development teams on web, database, and infrastructure security. Andrew has co-founded multiple ICT businesses, where he advises on cybersecurity strategies and policies. Andrew has a 3-year National Diploma in Electronics (light current).

Latest posts by Andrew Smith (see all)