In 2019 Cryptojacking is going to be the hacker's
attack choice for generating revenue. Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies.
Cryptojacking is a way for cybercriminals to make free money with minimal effort. Cybercriminals can simply hijack someone else’s machine with just a few lines of code. This leaves the victim bearing the cost of the computations and electricity that are necessary to mine cryptocurrency. The criminals get away with the tokens. Cryptojacking scripts do no damage to computers or victims’ data. They only steal CPU cycles.
Cryptojacking is a risk-free cheaper, more profitable alternative to ransomware, with every infected machine (100%) working for them to mine cryptocurrency (Monero and Zcash). Cryptojacking kits are available on the dark web for as little as $30. The risk of being caught and identified is also much less than with ransomware. The crypto mining code can go undetected for a long time. Darktrace has detected Coinhive and Crypto-Lootclandestine malwares on the networks of around 1,000 of its 5,000 banking clients in the last six months.
How cryptojacking works?
The other method is to inject a script on a website or an ad that is delivered to multiple websites. Once victims visit the website or the infected ad pops up in their browsers, the script automatically executes. No code is stored on the victims’ computers. Whichever method is used, the code runs complex mathematical problems on the victims’ computers and sends the results to a server that the hacker controls.
Hackers often will use both methods to maximize their return. “Attacks use old malware tricks to deliver more reliable and persistent software [to the victims’ computers] as a fall back,” says Vaystikh. For example, of 100 devices mining cryptocurrencies for a hacker, 10 percent might be generating income from code on the victims’ machines, while 90 percent do so through their web browsers.
Unlike most other types of malware, cryptojacking scripts do no damage to computers or victims’ data. They do steal CPU processing resources. For individual users, slower computer performance might be just an annoyance. Organization with many cryptojacked systems can incur real costs in terms of help desk and IT time spent tracking down performance issues and replacing components or systems in the hope of solving the problem.
No comments:
Post a Comment