In the first quarter of 2019, cryptojacking campaigns aimed at victims’ PCs to mine cryptocurrencies rose 29%, according to a recent report by security software provider McAfee.
Hackers Target Windows PCs to Mine Monero
The antivirus maker founded by crypto fan John McAfee discovered that both Windows and Apple ecosystems are equally vulnerable to cryptojacking campaigns.
Most of the mining attacks on Windows computers use PowerShell for propagation and execution. The latter is a task automation engine and interactive Command-Line Interface (CLI) created by Microsoft for system administration and configuration management.
In the first quarter, one of the most significant crypto malware campaigns discovered by McAfee was PsMiner. Hackers have been using a Trojan to distribute the mining worm. The malware is designed to mine Monero by exploiting the vulnerabilities in servers running Hadoop, ElasticSearch, Weblogic, Redis, SqlServer, Spring, and ThinkPHP.
Monero (XMR) is a cryptocurrency that allows users to make peer-to-peer transactions anonymously without being traced even by their addresses. The coin is among 15 largest cryptocurrencies by market cap. As of August 30, it boasts a capitalization of $1.15 billion. Monero is attractive for miners thanks to its generous reward potential. Also, XMR miners don’t have to use expensive GPUs and ASIC systems as in the case of Bitcoin.
Back to PsMiner, it reaches the victim’s computer by a PowerShell command that downloads the WindowsUpdate.ps1 payload, the McAfee report says.
McAfee Report Says Apple Devices Are Vulnerable Too
Besides PsMiner, another malware family, called CookieMiner, has been attacking macOS devices and sharing code with a past campaign to steal digital wallets and credentials. The malware used EmPyre backdoor to automate the stealing process.
McAfee found that CookieMiner stole data from popular crypto exchanges, including Binance, Coinbase, Bitstamp, Poloniex, Bittrex, and MyEtherWallet. The malware got access to data like passwords to access the crypto exchanges’ sites. However, the main goal was to infect computers to mine Koto.
In general, ransomware attacks rose 118% over the first quarter, the report says. There are new ransomware families, while hackers use innovative techniques. Even so, hackers still need victims’ involuntary cooperation. McAfee concluded:
“Even with all the sophisticated attack techniques being developed, attackers are still highly dependent on human interaction and social engineering.”
Do you think hacking attacks represent one of the most significant problems for the crypto space? Share your thoughts below!
Images via Shutterstock
Be the first to comment