Botnets mining cryptocurrency – Enterprise Times

You Are Here: Home 2017 March 1 Botnets mining cryptocurrency

Security vendor Forcepoint has identified a new mining botnet targeting the Monero cryptocurrency. Using bots to mine cryptocurrencies is nothing new and there have been several claims that botnets are targeting Monero over the last 15 months. This blog by Luke Somerville and Abel Toro goes further. It provides the evidence for an active botnet exploiting SMEs and local government systems in the Haut-Rhin region of France.

Using a botnet to mine for cryptocurrencies today makes sense. The complexity of the problems to be solved require an ever increasing amount of compute power. This has created a number of cooperatives where members join a mining consortium to share compute power and make money. What is happening here is that cybercriminals are looking for a more profitable route than being part of a mining consortium.

Somerville and Toro reference a Malwarebytes report from January. In that report, researchers looked at the use of the Sundown exploit kit to deploy a cryptocurrency miner. That mining tool was focused on Monero and was being actively updated. It appears from the Somerville and Toro blog that other campaigns to infect machines have been successful. Surprisingly both blogs call out the lack of obfuscation of the code used in the attacks. This has made it easy for the researchers to identify and examine the attacks.

The command and control servers are mainly hosted on legitimate websites. Interestingly the majority of those websites are hosted on OVH. This might be the attackers using sites based in France to get around security controls on the machines. The theory being that security software would expect users to access sites based in France rather than in Vietnam, Russia or China.

It is a surprise that we havent seen more campaigns aimed at botnet mining of cryptocurrency over the last few years. The increasing price of most cryptocurrencies is enough to make it attractive. Given the size of some botnets and their cost, it is certain cost effective. What is interesting is that this is targeted at cryptocurrency that is relatively unknown outside the DarkNet.

Ian has been a journalist, editor and analyst for over 30 years. While technology remains the core focus of Ian's writings he also covers science fiction, children toys, field hockey and progressive rock. As an analyst, Ian is the Cyber Security and Infrastructure Practice Leader for Creative Intellect Consulting Ltd. A keen hockey goalkeeper, Ian coaches and plays for a number of clubs including Guildford Hockey Club, Alton Hockey Club, Royal Navy, Combined Services, UK Armed Forces and several touring sides. His ambition is to one day represent England. Ian has also been selected to be the goalkeeping coach for Hockey for Heroes, a UK charity supporting the UK Armed Forces.

Read more:
Botnets mining cryptocurrency - Enterprise Times