Cryptojacking attacks that deploy malware on a victim’s device to secretly mine cryptocurrency have been widespread over the past year. In the first half of 2018, malware detections increased by 500%.
A survey in August 2018 reported that Cryptojacking had affected more than half of companies in the UK alone at some point. Special research findings from the cybersecurity company JASK have shown that since its debut in November 2018, an updated version of Trojan Shellbot has been prevalent.
Among many malware mining cryptocurrency, it mainly targets major crypto companies, hijacking systems to mine Monero altcoin (XMR). The recent threat primarily affects Linux-based users as hackers attack Linux web servers worldwide.
The company’s hackers are a Romanian group called Outlaw. Palo Alto Networks research found another Monero-mining malware targeting Linux users in January 2019 that could disable cloud-based security measures to prevent detection.
Cryptojacking is not a new occurrence. Since 2011, there has been the ability to use computer resources to mine bitcoin without specialized hardware. However, in the second half of 2017, cybercriminals only started developing malware that observed the boom in cryptocurrencies. In addition, one does not need to be a highly qualified software engineer to enter the illegal mining business.
Cryptojacking as a service can only be purchased for half a dollar on the dark web. Due to the higher level of confidentiality and ambiguity inherent in certain cryptocurrencies such as Monero and Zcash, tracing and catching hackers is difficult. Monero (XMR) was the most popular botnet-focused cryptocurrency. A recent study showed that botnets mined only 4.3% of Monero (XMR).
