Tech 1 year ago

Cecille de Jesus

Amazon falls victim to bitcoin mining malware

Armed with NSA-grade hacking tools, cybercriminals continue to exploit a new plague of cryptocurrency-related malware, months after the infamous leak. How do you protect yourself?

Cloud security startup RedLock has found that insurance company Aviva and Gemalto, which is ironically a digital security company, had a parasitic bot in their Amazon Web Services (AWS) servers. The bot has been executing a bitcoin mining command, effectively freeloading on the multi-billion dollar, multinational companies’ processing power and raking in the profits without having to pay the electricity bill.

According to RedLock, such breaches are becoming common not only on AWS, but across Microsoft Azure and Google Cloud as well, and could have easily been avoided if it weren’t for negligent systems administrators. Fortunately, the hackers weren’t interested in stealing any data. They just wanted to mine bitcoins without having to foot the bill.

The NSA nightmare

The malware is very likely based on one of the tools allegedly originating from the US National Security Agency (NSA), the same one used by the botnet “Adylkuzz,” which made tens of thousands of dollars by infecting computers and secretly using them to mine Monero altcoins (XMR).

In April this year, a group called the Shadow Brokers leaked a variety of hacking tools from the NSA, which included malware and viruses capable of freezing and taking control of anyone’s computer. The tools are allegedly used by the NSA to spy on its targets. Not surprisingly, the disturbingly powerful malware has ended up in the wrong hands and is now being used to benefit malicious entities.

Armed with NSA-grade hacking tools, these hackers can lock you out of your own computer and control the system remotely. And all you can do is watch. If you’re working on a deadline, you’d also probably want to cry. Insultingly, one of these tools is a ransomware called WannaCry.

The infamous WannaCry, which largely targets computers running Windows 7, managed to rapidly infect 10,000 organizations including the National Health Service (NHS) and FedEx, totalling over 400,000 computers in 150 countries—the biggest ransomware outbreak in the world. Although the worldwide spread of WannaCry was halted through a surprisingly simple mechanism, the repercussions of the NSA leak are obviously not over. And they probably won’t be for a while.

Bitcoin (and other cryptocurrency) mining malware is becoming more and more common. Last month, in what seems to be a payback mechanism, notorious torrent site Piratebay was caught installing a JavaScript-based bitcoin miner into computers so it could secretly mine Monero coins. Piratebay reasoned that this would replace its ad revenue, drawing backlash from users who believe the site should have informed the public before executing the mechanism.

Because of the anonymous nature of blockchain-based transactions, they are quite conducive to criminal activity. The profitability of mining has ushered in a new modus operandi, a new agenda for hackers. Unlike identity theft and ransom, using victims’ computers to secretly mine cryptocoins has a better guarantee of profits. It does seem, after all, a more lucrative way to profit than blackmailing users; the profit stops only when the miners are purged. But first, they need to be found out.

How do you protect yourself?

According to Russian antivirus Dr. Web, which was the first to detect the virus known as Trojan.BtcMine.1259, the bitcoin mining Trojan virus is quite smart: it knows to shut itself off when Task Manager is opened on the computer, and so remains undetected. Some are even fileless, so a search for malicious files comes up empty. But fortunately, there are ways to find out if your computer is infected. Apart from the obvious lagging that mining will cause to your processor, common antivirus and malware protection software is apparently able to detect them.

If you are unlucky enough to have already been infected, there is still hope. There are video tutorials on how to manually get rid of these parasites. Around 98% of those infected by WannaCry are Windows 7 users. This isn’t a guarantee that other operating systems are safe, however.

As is the case with most malware and viruses, never open attachments and links unless you’re sure what they are, even when they are sent by people you know. Some of you may remember a time when you would sometimes receive emails from a friend that contained nothing but a link. And when asked, this friend did not recall sending such emails because he never sent them. By default, never open files and links unless you’re sure they are safe.

This includes chat applications. According to Russian multinational cybersecurity and anti-virus provider Kaspersky Lab, a bitcoin mining Trojan was also circulating through links accompanying messages meant to build intrigue on Skype. Fake Amazon notifications were also used to spread the virus through email.

As a safety measure, don’t be quick to click on invites to participate in ICOs either. As this practice becomes (potentially) highly lucrative, a lot of people are jumping in on the trend, including hackers. So what may seem like a harmless link to a coin launch could very well turn out to be a malicious trick.

As mentioned earlier, arming your computer with antivirus and malware protection software would be a great defense. And if you’re still not confident in all these security measures, you can always switch to Mac.
