NSA Tools Used to Unleash Crypto Mining Malware by Hackers

NSA Tools Used to Unleash Crypto Mining Malware by Hackers

NSA Tools Used to Unleash Crypto Mining Malware by Hackers

 

Hackers are now using software developed by the US National Security Agency (NSA) to illicitly mine cryptocurrencies. According to a recent report released by the Cyber Threat Alliance (CTA), compiled by a collective of cyber-security experts from McAfee, Cisco Talos, NTT Security, Rapid7 and Sophos, among others, crypto mining malware detections have jumped to over 400 percent within the past one and a half years.

Malicious actors are hijacking computer processor resources via internet network infrastructure intrusions, and computer hacks, among other means. One of the more worrying trends is the use of an NSA exploit leaked early last year by Shadow Brokers dubbed EternalBlue.

Soon after the release of its source code, cybercriminals used the tool to launch a devastating ransomware attack dubbed WannaCry, which led to over 200,000 computers being infected in over 100 countries. The British National Health Service (NHS) was one of the institutions targeted by the attack and experienced a network shutdown as a result.

According to new reports, the same exploit is being used to harness crypto mining power using malware called WannaMine. Computers that have been infected can become slow or experience hardware overheating issues. However, some attacks are more sophisticated. They monitor mouse or CPU usage, and automatically pause operations when processing power goes beyond a certain threshold.

This feature makes them harder to detect, allowing them to persist and ultimately generate greater returns for cyber-criminals. Generally, EternalBlue malware infections are hard to detect because of their ability to work without downloading secondary application files.

The Wannacry Malware was based on the Eternalblue exploit.

The WannaCry malware led to over 200,000 computers being infected in over 100 countries. (Image Credit: Wikipedia).

How the WannaMine Crypto Mining Malware Works

WannaMine is the most notorious EternalBlue-based crypto mining malware. It has been found to spread through various means. One of those is by internet users downloading counterfeit software from unofficial sources, email attachments, and by offering misleading software update prompts.

It relies on Windows management tools for its operations and camouflages itself within legitimate processes. As such, it doesn’t work on Android or iOS devices. However, it allows a hacker to download and upload files to a computer, enumerate running processes, execute arbitrary commands, gather system-specific information such as IP addresses and the computer name, and allows the intruder to change some device settings.

Wannamine typically uses Mimikatz, a Windows hack tool used to ‘crack’ software, to gain more system control. Originally developed by Benjamin Delpy, Mimikatz can access a computer’s passwords via its memory and enslave it to a botnet. It also has the ability to export security certificates, override Microsoft AppLocker and processes related to Software Restriction Police, as well as modify privileges.

Cryptojacking Statistics

The cryptojacking practice is apparently rampant and last November, statistics released by AdGuard indicted that more than 33,000 websites with a total of over 1 billion monthly visitors had cryptojacking scripts. Most didn’t bother to warn users about this. Monero is said to be the preferred cryptocurrency for cryptojacking actors mainly because of its pseudonymization features and ability to be mined using medium to low-end computers.

In February, over 34,000 websites were found to be utilizing CoinHive’s JavaScript miner, which is also used to mine Monero. This was according to statistics derived from the PublicWWW search database, which can be used to reveal JavaScript snippets on websites.

The CoinHive miner is a largely legitimate way of undertaking in-browser mining. Currently, only about 19,000 web pages are listed as featuring the Coinhive code. The sharp drop in websites utilizing the miner is probably in correlation with declining mining profitability.

Away from Coinhive, the Smominru Monero miner has been found to be the most active in the wild, and is spread using the EternalBlue exploit. Its usage was first detected in May last year, and at the time, actors behind it were reportedly mining $8,500 worth of Monero in a week. Their botnet network consisted of over 526,000 infected nodes, which appeared to be servers located in Taiwan, Russia, and India.

Protection Against Crypto Mining Attacks

It is easy to protect a PC against EternalBlue-based mining malware attacks by regularly updating windows and carrying out a virus scan using Windows Defender Antivirus. PC users should also avoid using ‘cracked’ software because many create backdoor access for hackers.

 

Cryptocurrency Tool Kit for only $7

Source link

Facebook Commenti

Condividi articolo

Related Posts

Bitcoin, Ethereum, Bitcoin Cash, Ripple, Litecoin: Analisi prezzo e quotazione

Commenti disabilitati su Bitcoin, Ethereum, Bitcoin Cash, Ripple, Litecoin: Analisi prezzo e quotazione

Cinque nuovi Altcoin tra cui Monero [XMR], NEM [XEM], NEO [NEO], Lisk [LSK] e Verge [XVG] saranno disponibili sull’app Abra – Altcoin News

Commenti disabilitati su Cinque nuovi Altcoin tra cui Monero [XMR], NEM [XEM], NEO [NEO], Lisk [LSK] e Verge [XVG] saranno disponibili sull’app Abra – Altcoin News

Cali sulle principali criptovalute Bitcoin, Ripple e Ethereum ma segnali tecnici indicano movimento positivo imminente

Commenti disabilitati su Cali sulle principali criptovalute Bitcoin, Ripple e Ethereum ma segnali tecnici indicano movimento positivo imminente

I fratelli Winklevoss brevettano gli ETP per le criptovalute Bitcoin, Ethereum, Ripple, Dogecoin e altre altcoin – Altcoin News

Commenti disabilitati su I fratelli Winklevoss brevettano gli ETP per le criptovalute Bitcoin, Ethereum, Ripple, Dogecoin e altre altcoin – Altcoin News

BitForex annuncia l’acquisizione di BitStar, in marcia verso l’offerta di trading su derivati

Commenti disabilitati su BitForex annuncia l’acquisizione di BitStar, in marcia verso l’offerta di trading su derivati

Atlas Protocol, Il primo protocollo di applicazione basato su Nebulas Blockchain – Vince il premio per l’eccellenza del progetto – Altcoin News

Commenti disabilitati su Atlas Protocol, Il primo protocollo di applicazione basato su Nebulas Blockchain – Vince il premio per l’eccellenza del progetto – Altcoin News

Everything You Need to Know About Cryptocurrency Regulation (Right Now)

Commenti disabilitati su Everything You Need to Know About Cryptocurrency Regulation (Right Now)

Il primo token di ricompense digitali nel calcio professionistico basato sulla Blockchain di Ethereum – Altcoin News

Commenti disabilitati su Il primo token di ricompense digitali nel calcio professionistico basato sulla Blockchain di Ethereum – Altcoin News

Ripple, il prezzo schizza su nuovi massimi

Commenti disabilitati su Ripple, il prezzo schizza su nuovi massimi

Litecoin Mining vs. Bitcoin Mining

Commenti disabilitati su Litecoin Mining vs. Bitcoin Mining

Htmlcoin eppur si muove ma il prezzo invece fatica a salire

Commenti disabilitati su Htmlcoin eppur si muove ma il prezzo invece fatica a salire

ODEM deposita i brevetti del suo Marketplace di formazione basato su Blockchain – Altcoin News

Commenti disabilitati su ODEM deposita i brevetti del suo Marketplace di formazione basato su Blockchain – Altcoin News

Create Account



Log In Your Account