Cybercriminals are becoming increasingly creative when it comes to embedding cryptocurrency mining scripts.
Bitcoin has become an irresistible target for cybercriminals all over the globe. Although no one can yet say why as Bitcoin has no privacy or anonymity features that one has to bypass. Cybercriminals have recently been turning from Bitcoin to Monero as of late. When it comes to mining Monero, hackers have become increasingly innovative.
Considering the recent increase in Monero mining software, more hackers have been turning to this new industry as a means of generating funds. The most popular way is to use unsuspecting victims’ computing processors to do the work for them. By embedding a mining code on popular websites, hackers have managed to effortlessly rake in funds, and this trend only seems to be growing.
IBM’s X-Force report has confirmed that the number of cryptocurrency mining incidents have drastically increased over the past year. This is a worrying sign to many experts, as it demonstrates that criminals are willing to install malicious code in order to mine Monero. Up until this point, the main targeted sites have been WordPress and Joomla servers.
Another technique that has gained popularity as of late is by modifying image files. Often the hackers will utilize steganography to embed the cryptocurrency mining scripts within an image file. This particular attack vector has become preferable amongst seasoned attackers, especially since a user would generally never suspect that an image could have the ability to carry a malicious file.
The troublesome aspect in the latest surge of Monero mining attacks is the fact that hackers have been targeting mostly manufacturing and financial service websites. Hackers have also started targeting entertainment websites as of late. The retail sector seems to have managed to escape attacks. Which is in itself surprising as the vast amount of images of products should be a goldmine for hackers. Considering this, it seems likely that the retail industry will soon be targeted.
The IBM X-Force report also confirmed that the new versions of the Mirai botnet no longer supports cryptocurrency mining scripts at all. This seems like a positive trend in the industry which is likely to become important as the cryptocurrency mining trend becomes more popular.