(I)IoT Security News
News, Vulnerabilities

Defending Against Illicit Cryptocurrency Mining Activity

The popularity of cryptocurrency, a form of digital currency, is rising; Bitcoin, Litecoin, Monero, Ethereum, and Ripple are just a few types of the cryptocurrencies available. Though cryptocurrency is a common topic of conversation, many people lack a basic understanding of cryptocurrency and the risks associated with it. This lack of awareness is contributing to the rise of individuals and organizations falling victim to illicit cryptocurrency mining activity.

What is cryptocurrency?

Cryptocurrency is a digital currency used as a medium of exchange, similar to other currencies. However, unlike other currencies, cryptocurrency operates independently of a central bank and uses encryption techniques and blockchain technology to secure and verify transactions.

What is cryptomining?

Cryptocurrency mining, or cryptomining, is simply the way in which cryptocurrency is earned. Individuals mine cryptocurrency by using cryptomining software to solve complex mathematical problems involved in validating transactions. Each solved equation verifies a transaction and earns a reward paid out in the cryptocurrency. Solving cryptographic calculations to mine cryptocurrency requires a massive amount of processing power.

What is cryptojacking?

Cryptojacking occurs when malicious cyber actors exploit vulnerabilities—in webpages, software, and operating systems—to illicitly install cryptomining software on victim devices and systems. With the cryptomining software installed, the malicious cyber actors effectively hijack the processing power of the victim devices and systems to earn cryptocurrency. Additionally, malicious cyber actors may infect a website with cryptomining JavaScript code, which leverages a visitor’s processing power via their browser to mine cryptocurrency. Cryptojacking may result in the following consequences to victim devices, systems, and networks:

Cryptojacking involves maliciously installed programs that are persistent or non-persistent. Non-persistent cryptojacking usually occurs only while a user is visiting a particular webpage or has an internet browser open. Persistent cryptojacking continues to occur even after a user has stopped visiting the source that originally caused their system to perform mining activity.

Malicious actors distribute cryptojacking malware through weaponized mobile applications, botnets, and social media platforms by exploiting flaws in applications and servers, and by hijacking Wi-Fi hotspots.

What types of systems and devices are at risk for cryptojacking?

Any internet-connected device with a CPU is susceptible to cryptojacking. The following are commonly targeted devices:

How do you defend against cryptojacking?

The following cybersecurity best practices can help you protect your internet-connected systems and devices against cryptojacking:

 

Source

https://www.us-cert.gov/ncas/tips/ST18-002

 

Related posts

Siemens SIMATIC Ident MV420 and MV440 Families

(I) IoT
5 years ago

Delta Electronics CNCSoft ScreenEditor

(I) IoT
4 years ago

BD Pyxis MedStation and Pyxis Anesthesia (PAS) ES System

(I) IoT
5 years ago
Exit mobile version