Cryptocurrency-mining Malware Sold in Underground Markets Targeting IoT Devices

Starting from 2018 cyber threat landscape shifted from Ransomware to Cryptocurrency mining attacks, attackers targeted a number of internet portals and different kinds of servers. Hackers taking each and every probability for mining cryptocurrencies, even they inserted Cryptocurrency mining malware with the embedded videos in word documents.

The Cryptocurrency mining attacks not limited to computer’s, almost every device that connected to the Internet may be a part of it. Cryptomalware based on two methods stealing cryptocurrency and mining cryptocurrency.

Cryptocurrency-mining malware consumes the system resources and utilizes them for mining cryptocurrencies without user permissions. The Cryptocurrency-stealing malware targets wallet address on local storages on various devices and replaces its own address.

Trend Micro researchers published a research report on how cryptocurrency-mining malware is being offered in the underground hacking forums and how the advertised features compare against one another.

Researchers spotted latest offerings of a Monero (XMR) cryptocurrency-mining malware called DarkPope in underground markets offered for $49 with 24/7 support.

Not only the cryptocurrency-mining malware they also offer cryptocurrency-stealing malware ” researchers spotted a piece of cryptocurrency-stealing malware called Pony that offered for $20.”

“We believe this is a huge trend, one that is unlikely to go away anytime soon. We have seen miners moving from bitcoin to Ethereum and now embracing Monero and Zcash. Some criminals have also started conversations about MoneroV, which hasn’t even been released yet.” reads Trend Micro report.

Also read Hackers Illegally Purchasing Abused Code-signing & SSL Certificates From Underground Market

When compared to computers or laptop the smartphones and IoT devices having very less computing power, but attackers creating cryptocurrency-mining malware targeting to infect these devices

The cryptocurrency-mining malware like Hiddenminer uses the all the computational power in mobile devices for mining and could cause the device to overheat and potentially fail.

“It will appear that cryptocurrency malware is gaining traction as a subject in forums within the cybercriminal underground. but still, it is not as profitable as other criminals may think — at least not yet.”

To mitigate from falling to cryptojacking attacks regularly update your device firmware, Don’t use default credentials, stay vigil against known attack vectors.