Cryptocurrency Mining Malware Abuses 4000 Websites
February 12th, 2018
Sites include American Courts System uscourts.gov
Driver Was To Use Idle Computing Power of Computers to Mine Cryptocurrency, Monero
WASHINGTON, February 12, 2018 – Security Researcher, Scott Helme, first found malware that leveraged the victims’ devices to generate the cryptocurrency Monero by performing complex, CPU-intensive calculations, a mathematical process known as “mining” that’s used to create some cryptocurrencies.
On Sunday, the U.K.’s National Cyber Security Centre (NCSC) issued a statement that it was “examining data involving incidents of malware being used to illegally mine cryptocurrency.”
In a report last month, our Partner, cybersecurity firm CrowdStrike, highlighted the rise of cryptocurrency mining, a relatively new flavor of attack.
“In recent months, CrowdStrike has noticed an uptick in cyberattacks focused on cryptocurrency-mining malware that takes advantage of available CPU cycles, without authorization, to make money,” the firm wrote, noting that it “expects to see much more” of this activity moving through 2018.
Still, as Helme points out, things could have been a lot worse: a similar vulnerability leveraging hack could have compromised government credentials or stolen identities instead of mining Monero.
Bala Ramaiah, ISSQUARED's CEO said, “ORSUS's Identity and Access Management (IAM) module provides a safety valve to prevent unauthorized applications (malware software) to run on corporate machines. ORSUS IAM lets Administrators define which users can execute which applications, defeating the intent of unethical hackers, in the off-chance that they get past network firewalls.”