The RedLock security intelligence group has discovered that Hackers used Amazon’s Web Services (AWS) computing resources to mine bitcoin.
The company issued a report outlining its finding following the discovery that certain AWS, Microsoft Azure, and Google Cloud administrative consoles were not password protected and therefore presented a perfect target for hackers.
Upon inspection, RedLock discovered that hackers had taken an open-source platform that automated deploying, scaling, and operating application containers, called Kubernetes, and transformed it into a “parasitic bot” to pray on the unprotected consoles. Incidentally, the consoles in question held access keys and secret tokens that were stored in plaintext — that is, they were not written in code.
This discovery falls in line with a surge of recent hacking attempts to use unsuspecting users’ consoles to mine cryptocurrency.
Other recent high-profile examples have involved hackers implanting a tool in the Showtime Anytime website source code, hijacking visitors’ computers to mine a bitcoin-like cryptocurrency called Monero, which is designed to ensure users’ anonymity, as well as hackers hiding software in Chrome extensions to turn a users’ computer into a bitcoin-mining machine. In both cases, the tool of choice was the same software, which was released in September by a company called Coinhive for the benign purpose of allowing website owners to profit from their sites without resorting to displaying advertisements. It was quickly appropriated by malware authors. Another popular script amongst mining hackers is JSECoin.
Kaspersky Lab, a cybersecurity lab, as well as Bleeping Computer, a technical support site, have both reported that 1.65 million computers were infected with cryptocurrency mining malware during the first nine months of this year. Another report, published by Adguard, states that 2.2% of the top 100,000 on the Alexa list host malware designed to mine cryptocurrency via users’ PCs.
There is no definitive answer to the question of exactly how many users’ have fallen victim to mining malware attacks, but there is a general consensus that these hacking attempts are increasing in frequency.
In total, recent analyses by the IBM X-Force security team reveal that “cryptocurrency mining attacks aimed at enterprise networks jumped sixfold between January and August,” as reported by the MIT Technology Review. The team has also said that newer, alternative tokens to bitcoin are particularly popular, especially in the cases of Monera and zCash.
This explosion in mining hack attempts proves that, even if you don’t buy into the idea of cryptocurrency, and even if you don’t plan to invest is any of them for the foreseeable future, if you use the internet, you are vulnerable to being dragged into the debate — whether you like it or not.2 - Readers Like This Post