Tech 9 October 2017

Cecille de Jesus

Amazon falls victim to bitcoin mining malware

Armed with NSA-grade hacking tools, cybercriminals continue to exploit a new plague of cryptocurrency-related malware, months after the infamous leak. How do you protect yourself?

Cloud security startup RedLock has found that insurance company Aviva and Gemalto (which is, ironically, a digital security company) had a parasitic bot in their Amazon Web Services (AWS) servers. The bot has been executing a bitcoin mining command, effectively freeloading on the multi-billion-dollar multinational companies’ processing power and raking in the profits without having to pay the electricity bill.

According to RedLock, such breaches are becoming common not only on AWS, but across Microsoft Azure and Google Cloud as well, and could have easily been avoided if it weren’t for negligent systems administrators. Fortunately, the hackers weren’t interested in stealing any data. They just wanted to mine bitcoins without having to foot the bill.

The NSA nightmare

The malware is very likely based on one of the tools allegedly originating from the US National Security Agency (NSA), the same one used by the botnet “Adylkuzz,” which made tens of thousands of dollars by infecting computers and secretly using them to mine Monero altcoins (XMR).

In April this year, a group called the Shadow Brokers leaked a variety of hacking tools from the NSA, which included malware and viruses capable of freezing and taking control of anyone’s computer. The tools are allegedly used by the NSA to spy on its targets. Not surprisingly, the disturbingly powerful malware has ended up in the wrong hands and is now being used to benefit malicious entities.

Armed with NSA-grade hacking tools, these hackers can lock you out of your own computer and control the system remotely. And all you can do is watch. If you’re working on a deadline, you’d also probably want to cry. Insultingly, one of these tools is a ransomware called WannaCry.

The infamous WannaCry, which largely targets computers running Windows 7, managed to rapidly infect 10,000 organizations including the National Health Service (NHS) and FedEx, totalling over 400,000 computers in 150 countries, the biggest ransomware outbreak in the world. Although the worldwide spread of WannaCry was halted through a surprisingly simple mechanism, the repercussions of the NSA leak are obviously not over. And they probably won’t be for a while.

Bitcoin (and other cryptocurrency) mining malware is becoming more and more common. In what seems to be a payback mechanism, notorious torrent site Piratebay was caught last month installing a JavaScript-based bitcoin miner into computers so they can secretly mine Monero coins. Piratebay reasoned that this would replace their ad revenue, drawing backlash from users who believe they should have informed the public before executing the mechanism.

Because of the anonymous nature of blockchain-based transactions, they are quite conducive to criminal activity. The profitability of mining has ushered in a new modus operandi, a new agenda for hackers. Unlike identity theft and ransom, using victims’ computers to secretly mine cryptocoins has a better guarantee of profits. It does seem, after all, a more lucrative way to profit than blackmailing users—the only time the profit stops is when they are purged. But first, they need to be found out.

How do you protect yourself?

According to Russian antivirus Dr. Web, which was the first to detect the virus known as Trojan.BtcMine.1259, the bitcoin mining Trojan virus is quite smart: it knows to shut itself off when a computer opens its Task Manager, thus remaining undetected. Some are even fileless, rendering any malicious file search empty. But fortunately, there are ways to find out if your computer is infected. Apart from the obvious lagging that mining will cause to your processor, common antivirus and anti-malware software are apparently able to detect them.

If you are unlucky enough to have already been infected, there is still hope. There are video tutorials on how to manually get rid of these parasites. Around 98% of those infected by WannaCry are Windows 7 users. This isn’t a guarantee that other operating systems are safe, however.

As is the case with most malware and viruses, never open attachments and links unless you’re sure what they are, even when they are sent by people you know. If some of you remember, there was a time when you would sometimes receive emails from a friend that contained nothing but a link. And when asked, this friend does not recall sending such emails because he never sent them. By default, never open files and links unless you’re sure they are safe.

This includes chat applications. According to Russian multinational cybersecurity and anti-virus provider Kaspersky Lab, a bitcoin mining Trojan was also circulating through links accompanying messages meant to build intrigue on Skype. Fake Amazon notifications were also used to spread the virus through email.

As a safety measure, don’t be quick to click on invites to participate in ICOs either. As this practice becomes (potentially) highly lucrative, a lot of people are jumping on the trend, including hackers. So what may seem like a harmless link to a coin launch could very well turn out to be a malicious trick.

As mentioned earlier, arming your computer with antivirus and malware protection software would be a great defense. And if you’re still not confident in all these security measures, you can always switch to Mac.
