Category Archives: cryptojacking

Auto Added by WPeMatico

First Large-Scale Crypto Jacking Strike in India Targets Conglomerate

The third largest conglomerate in India, Aditya Birla Group, was targeted in what is believed to be the first large-scale crypto jacking attack of its kind in India.

 Over 2,000 computers affected

Hackers were able to gain access to over 2,000 computer systems belonging to various companies governed by the Aditya Birla Group, taking over the computers’ terminals and processing power to illegally mine cryptocurrency.

While the attack was first detected last month, reporting from the Economic Times notes that it took just a few days for the malware to infect areas of the manufacturing and additional services belonging to the Aditya Birla Group.

A person familiar with the attack spoke to the Economic Times, describing the attack as one in which ”the primary intention of the hackers is not to steal information and cause business disruption. Rather, they hijack the target’s computers and tap the power supply to the organization to mine crypto coins”.

Addressing reporters, a Birla Group spokesperson said: ”Recently, the advanced threat detection systems of our Group alerted us of suspicious activity on some desktop systems. Based on this, our internal team immediately carried out an investigation and deployed countermeasures to isolate and eliminate the cause of this activity.”

Bigger enterprises mean bigger gains for hackers

The Birla Group spokesperson was able to assure the public that with the comprehensive investigation nearly being complete, the hack was not subject to any data loss. Hackers were instead able to mine what has been described as a substantial amount of Monero.
It is common for hackers to target larger establishments, as they are able to provide the potentially largest gains. Universities are known to be another target rich environment hit by hackers.
It is important to note, however, less than 1% of Bitcoin transactions involve illicit activities. While in this case, Monero was the cryptocurrency mined in the illegal process, there is no specific data indicating how frequently it is involved with fraudulent activities.

Follow BitcoinNews.com on Twitter at https://twitter.com/bitcoinnewscom

Telegram Alerts from BitcoinNews.com at https://t.me/bconews

The post First Large-Scale Crypto Jacking Strike in India Targets Conglomerate appeared first on BitcoinNews.com.

Websites Hit by Latest Wave of Cryptojacking

The website ‘Bad Packets Report’ has released a list of some 300 sites that have been compromised by “cryptojacking”, including Chinese hardware maker Lenevo.

Coindesk reports that the site’s security adviser, Troy Mursch, wrote last week that the compromised sites had been infected by hackers installing a browser mining software which exploited an outdated version of Drupal, a content management system (CMS). The two vulnerabilities, CVE-2018-7600 and CVE-2018-7602, have left numerous websites vulnerable to hacks if they did not receive immediate updates.

Incidents of cryptojacking are currently on the rise, defined as the secret use of one’s computing device to mine cryptocurrency. The hacking used to occur when the victim unknowingly installed a program on their computer which secretly mined cryptocurrency. Now, hackers are infecting websites with software that utilizes the victim’s computer power to mine cryptocurrency on the attackers’ behalf.

The list published by Mursch includes government and university portals as well as private companies, but is not the first of such alerts. After a previous release by cyber-security firm Imperva, warning that Drupal sites were being hacked by ‘Kitty’, an in-browser cryptocurrency miner containing a file named ‘me0w.js.’, it became clear that these sites were at risk.

Mursch explained why mining malware is currently rife:

“This is because Coinhive and other cryptojacking services (malware) are simply done with JavaScript. Every modern browser and device can run JavaScript, so as such, everybody can mine cryptocurrency and unfortunately Coinhive has been used and abused time and time again. [In] this particular case, Drupal users need to update [as soon as possible].”

Not all Coinhive users are malicious, as Bitcoin News reported recently. UNICEF recently launched a project called ‘The Hope page’  in support of Rohingya refugees in Bangladesh, which used the crypto mining service to fund its project. In this case, users gave permission to UNICEF to mine the coin monero using donors’ computer power.

 

*Follow BitcoinNews.com on Twitter at https://twitter.com/bitcoinnewscom*

*Telegram Alerts from BitcoinNews.com at https://t.me/bconews*

The post Websites Hit by Latest Wave of Cryptojacking appeared first on BitcoinNews.com.