Friday, October 11, 2024
HomeCryptocurrency hackCryptocurrency-mining Malware Sold in Underground Markets Targeting IoT Devices

Cryptocurrency-mining Malware Sold in Underground Markets Targeting IoT Devices

Published on

Malware protection

Starting from 2018 cyber threat landscape shifted from Ransomware to Cryptocurrency mining attacks, attackers targeted a number of internet portals and different kinds of servers. Hackers taking each and every probability for mining cryptocurrencies, even they inserted Cryptocurrency mining malware with the embedded videos in word documents.

The Cryptocurrency mining attacks not limited to computer’s, almost every device that connected to the Internet may be a part of it. Cryptomalware based on two methods stealing cryptocurrency and mining cryptocurrency.

Cryptocurrency-mining malware consumes the system resources and utilizes them for mining cryptocurrencies without user permissions. The Cryptocurrency-stealing malware targets wallet address on local storages on various devices and replaces its own address.

- Advertisement - SIEM as a Service

Trend Micro researchers published a research report on how cryptocurrency-mining malware is being offered in the underground hacking forums and how the advertised features compare against one another.

Researchers spotted latest offerings of a Monero (XMR) cryptocurrency-mining malware called DarkPope in underground markets offered for $49 with 24/7 support.
Not only the cryptocurrency-mining malware they also offer cryptocurrency-stealing malware ” researchers spotted a piece of cryptocurrency-stealing malware called Pony that offered for $20.”

“We believe this is a huge trend, one that is unlikely to go away anytime soon. We have seen miners moving from bitcoin to Ethereum and now embracing Monero and Zcash. Some criminals have also started conversations about MoneroV, which hasn’t even been released yet.” reads Trend Micro report.

Also read Hackers Illegally Purchasing Abused Code-signing & SSL Certificates From Underground Market

When compared to computers or laptop the smartphones and IoT devices having very less computing power, but attackers creating cryptocurrency-mining malware targeting to infect these devices

The cryptocurrency-mining malware like Hiddenminer uses the all the computational power in mobile devices for mining and could cause the device to overheat and potentially fail.

“It will appear that cryptocurrency malware is gaining traction as a subject in forums within the cybercriminal underground. but still, it is not as profitable as other criminals may think — at least not yet.”

To mitigate from falling to cryptojacking attacks regularly update your device firmware, Don’t use default credentials, stay vigil against known attack vectors.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication

Threat actors are leveraging a newly discovered deepfake tool, ProKYC, to bypass two-factor authentication...

Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks

A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being...

SpyCloud Embeds Identity Analytics in Cybercrime Investigations Solution to Accelerate Insider and Supply Chain Risk Analysis & Threat Actor Attribution

IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading...

Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks

The agreement has marked over 600,000 fraudulent domains for takedown in just two months...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Critical Atlassian Vulnerability Exploited To Connect Servers In Mining Networks

Hackers usually shift their attention towards Atlassian due to flaws in its software, especially...

Log4j Vulnerability Exploited Again To Deploy Crypto-Mining Malware

Recent attacks exploit the Log4j vulnerability (Log4Shell) by sending obfuscated LDAP requests to trigger...

Hackers Abused StackExchange Platform To Deliuver Malicious Python Package

Attackers uploaded malicious Python packages targeting Raydium and Solana users to PyPI, leveraging a...