Number of cyber-attacks that look to mine cryptocurrency and earn profit through hacking is on a rise. Some even abuse weak spots of open sources to extort computing power of users and use such power to mine cryptocurrency. People who deal with cryptocurrency frequently must be vigilant as number of victims from malware increased by 44% in just a year and as there are many ways hackers use to extort victims.
SK Infosec announced that it found many incidences of cyber-attacks that abused weak spots of major open sources such as Jenkins, Apache Struts2, and Apache Tomcat. Main goal of these attacks is to mine cryptocurrency. Hackers utilize weak spots of open sources, install malware into cryptocurrency mining, and extorted computing power of company servers. Although information of customers was not leaked, there were second blows such as server down due to low computing power.
Hackers that attacked a South Korean company took over internal servers of this company remotely by utilizing weak spots (CVE-2017-1000353) of Jenkins during the first half of this year. Afterwards, they installed cryptocurrency malware and used computing power of this company’s servers without permission.
Hackers that attacked another company utilized a similar tactic. They took over internal servers through weak spots (CVE-2017-9805) of Apache Struts2 and infiltrated computing power by installing cryptocurrency malware. In addition, they used various ways to infiltrate this company’s servers such as stealing IDs and passwords or diverting servers without passwords.
“Because many weak spots of open sources are made public, they are targeted by many hackers.” said a representative for SK Infosec. “Because these hackers install cryptocurrency malware that leads to company servers not acting properly, some of companies even had to stop their services as a result.”
Number of cryptocurrency malware is on a rise this year. According to ‘Report on Trend of Sites That Hide Malware During the First half of 2018’ that was reported by Korea Internet & Security Agency, there were 34 cases when cryptocurrency malware was found. There was one case during the first half of last year and 22 cases during the latter half of last year. Looking at type of entire malware, it is used most after information leakage, downloader, and ransomware.
According to Kaspersky Lab’s analysis, number of victims of cryptocurrency malware increased by 44.5% from about 1.9 million between 2016 and 2017 to 2.7 million between 2017 and 2018. It is contrast to how number of victims of ransomware decreased by about 30% at the same time.
Industries are predicting that there will be more cryptocurrency malware in the future as it brings in higher profit ratio compared to ransomware and others.
When ransomware was in full swing last year, security companies supplied their vaccine programs for ransomware. As a result, hackers saw lower profit rate than before due to increase in number of restoration tools. On the other hand, people are not aware of mining-type malware at all until there is actually damage to servers and others since it does not request money.
“Hackers will continue to carry on attacks to look for stronger computing power.” said a representative for an industry. “Users must perform latest software update and continue to look for patches of weak spots.”
Staff Reporter Jung, Youngil | jung01@etnews.com