There is a new kind of malware threat out there. It doesn’t encrypt your files, delete your data, steal your information or even deface your website but it steals your computing power and electricity to make money for your attacker. This is called Cryptojacking.
First let’s understand what Cryptocurrency and Cryptocurrency mining is. In simple terms, crypto currency is a digital currency designed to work as a medium of exchange that use cryptography as its underpinning to secure transactions, to control the creation of additional units and to verify the transfer of assets. The new units of currency are generated by “mining”. This process is computationally intensive which requires lots processing power. In the end, the computer is rewarded to solve complex math problems.
Cryptocurrency miners are setting up legitimate mining farms at locations with cheap electricity and empty space. However, with cryptocurrency market exploding from $18 billion to $600 billion during 2017, there is rise in crypto-miner malwares. Unauthorized cryptocurrency mining can take up the processing capacity of your critical computing resources. Such malwares can leave your environment vulnerable to potentially lethal malwares such as trojans or ransomwares. There is a need to increase awareness amongst organizations, the security threats of crypto mining malwares.
Cryptojacking applications are malicious payloads that can be delivered through various means. Secureworks reported on attackers who exploited unpatched vulnerabilities in Oracle WebLogic servers to embed miners on both Windows and Linux servers. Vulnerabilities in Web servers have also been exploited, as researcher Troy Mursch demonstrated when he found more than 50,000 websites (including many based on WordPress) to be infected. On the bright side, cryptocurrency miners often use existing kits to carry their payload, therefore existing defense mechanisms can work to keep them from infecting your environment.