A new report by cyber security firm CyberArk has laid out the extent to which hackers are engaging in illicit cryptocurrency mining, or “cryptomining”.
The practice involves botnet attacks that take over a computer’s resources and using them to secretly hash cryptocurrency data, with the proceeds going to the hacker.
Monero (XMR), an open course cryptocurrency with an emphasis on anonymity and decentralisation — otherwise known as the “privacy coin” — has been targeted by hackers in the past year.
“Millions of computers both at home and in organisations, infected with malware and unwitting botnet members, suddenly offered the opportunity of a lifetime to criminals who could use them to mine XMR,” said CyberArk.
“Malware monetisation techniques such as ransomware began to fall to the wayside, and executable programs became silent vampires, siphoning electricity and converting it into cash for hackers all over the world,” said the report.
The Monero market value is approximately $3 billion. It has been the target of cryptominers in 2018, including a $3 million botnet attack called Smominru that infected 500 million computers worldwide.
One the features of cryptomining hacks is relationship between the hacker’s skill and ease of detection, said the report.
“When designed by an advanced attacker, cryptomining malware may prove to be one of the most difficult genres of malware to detect, due to its minimal Windows API usage, low user interaction and input levels and small list of requirements needed to carry out its mission,” said CyberArk.
“All it takes is a connection to a mining pool, the ability to automatically run when the system starts and the capacity to consume a large number of CPU cycles.
“For this reason, we can expect cryptominers — and the anonymous Monero cryptocurrency it targets — to remain a ubiquitous feature of the constantly evolving threat landscape for years to come.”