Monday, June 16, 2025
HomeCryptocurrency hackCryptocurrency-mining Malware Sold in Underground Markets Targeting IoT Devices

Cryptocurrency-mining Malware Sold in Underground Markets Targeting IoT Devices

Published on

SIEM as a Service

Follow Us on Google News

Starting from 2018 cyber threat landscape shifted from Ransomware to Cryptocurrency mining attacks, attackers targeted a number of internet portals and different kinds of servers. Hackers taking each and every probability for mining cryptocurrencies, even they inserted Cryptocurrency mining malware with the embedded videos in word documents.

The Cryptocurrency mining attacks not limited to computer’s, almost every device that connected to the Internet may be a part of it. Cryptomalware based on two methods stealing cryptocurrency and mining cryptocurrency.

Cryptocurrency-mining malware consumes the system resources and utilizes them for mining cryptocurrencies without user permissions. The Cryptocurrency-stealing malware targets wallet address on local storages on various devices and replaces its own address.

- Advertisement - Google News

Trend Micro researchers published a research report on how cryptocurrency-mining malware is being offered in the underground hacking forums and how the advertised features compare against one another.

Researchers spotted latest offerings of a Monero (XMR) cryptocurrency-mining malware called DarkPope in underground markets offered for $49 with 24/7 support.
Not only the cryptocurrency-mining malware they also offer cryptocurrency-stealing malware ” researchers spotted a piece of cryptocurrency-stealing malware called Pony that offered for $20.”

“We believe this is a huge trend, one that is unlikely to go away anytime soon. We have seen miners moving from bitcoin to Ethereum and now embracing Monero and Zcash. Some criminals have also started conversations about MoneroV, which hasn’t even been released yet.” reads Trend Micro report.

Also read Hackers Illegally Purchasing Abused Code-signing & SSL Certificates From Underground Market

When compared to computers or laptop the smartphones and IoT devices having very less computing power, but attackers creating cryptocurrency-mining malware targeting to infect these devices

The cryptocurrency-mining malware like Hiddenminer uses the all the computational power in mobile devices for mining and could cause the device to overheat and potentially fail.

“It will appear that cryptocurrency malware is gaining traction as a subject in forums within the cybercriminal underground. but still, it is not as profitable as other criminals may think — at least not yet.”

To mitigate from falling to cryptojacking attacks regularly update your device firmware, Don’t use default credentials, stay vigil against known attack vectors.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added

Kali Linux, the preferred distribution for security professionals, has launched its second major release...

Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale

Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced...

NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help...

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware's Spring Framework has been...

Credential Abuse: 15-Min Attack Simulation

Credential Abuse Unmasked

Credential abuse is #1 attack vector in web and API breaches today (Verizon DBIR 2025). Join our live, 15-min attack simulation with Karthik Krishnamoorthy (CTO - Indusface) and Phani Deepak Akella (VP of Marketing - Indusface) to see hackers move from first probe to full account takeover.

Discussion points


Username & email enumeration – how a stray status-code reveals valid accounts.
Password spraying – low-and-slow guesses that evade basic lockouts.
Credential stuffing – lightning-fast reuse of breach combos at scale.
MFA / session-token bypass – sliding past second factors with stolen cookies.

More like this

North Korean Hacker Tries to Infiltrate Kraken Through Job Application

Leading cryptocurrency exchange Kraken has disclosed that it recently thwarted an infiltration attempt by...

Crypto Platform OKX Suspends Tool Abused by North Korean Hackers

Cryptocurrency platform OKX has announced the temporary suspension of its Decentralized Exchange (DEX) aggregator...

Authorities Seize $31 Million Linked to Crypto Exchange Hack

U.S. authorities announced the seizure of $31 million tied to the 2021 Uranium Finance...