Cryptojacking threatens cryptocurrency safety, security and value

Source: SA Migration, 28/05/2018

Financial Institutions are quick to implement digital platforms
without accompanying cyber security as part of their focus.
In addition to malware, a newer and bigger threat to the safety,
security and value of cryptocurrencies has emergedâ€`in-browser
Cryptojacking that hackers use to target the newer less-well known
currencies such as Monero, Coinhive and Zcashâ€`low-profile
cryptocurrencies, that ironically are the currencies-of-choice among
threat actors.
A recent cryptojacking campaign infected over half-a-million victims
in just three days.
According to Jeremy Samide, CEO of Stealthcare, an international
cybersecurity and threat assessment firm based in the US and
Canada, “In-browser cryptojacking works off JavaScripts, which are
installed on the most popular websites and readily available to
anyone with criminal intent. With JavaScript the hacker uses the
victim’s own browser to mine, or rather ‘cryptomine,’ for
transactions, secretly diverting small amounts of currency at a time
to his own account where it can be turned into cash.”
Industry analysts recognize Stealthcare for changing cybersecurity
from defense to a more aggressive posture that relies on early
warning, threat assessment, AI and human intelligence. Early on,
Stealthcare’s proprietary platform Zero Day Live, detected a
significant upward trend in cryptomining and cryptojacking, warned
its clients of the threat and provided countermeasures.
“This is criminal behavior plain and simple. Wrongdoers directly
attack the weakest linkâ€`the consumers who rely on cryptocurrency
exchanges and their digital wallets for their transactions. They lure
their victims in through elaborate phishing campaigns, drive-by
downloads, and other subterfuges,” says Samide, adding, “The
explosion of initial coin offerings (ICO) and cryptocurrency
exchanges proliferating without adequate security, gave hackers the
opening they needed to attack wallets and apps, siphoning off
cryptocurrency from these exchanges.”
Bitcoin and Ethereum were targets when they first emerged. But as
they become more mainstream, they are also being scrutinized by
sovereign governments looking to apply transparency requirements on
their transactions. “These legacy cryptocurrencies now appear to be
less attractive as hackers target emerging and more privately-focused
currencies such as Coinhive along with Monero and Zcash,” according
to Samide.
Cryptomining Malware Threats
In addition to the in-browser JavaScript threat, cyber criminals are
still transforming older malware to include cryptomining and
cryptojacking capabilities. In doing so they are creating polymorphic
strains of new attacks. Explains Samide, “Some of these cryptojacking
campaigns are still using older EternalBlue exploits, which were
stolen by Shadow Brokers and used to create the
ransomwareWannaCrythat wreaked havoc on the National Health Services
hospitals in England and Scotland as well as Nissan Motor
Manufacturing UK, FedEx, Spain’s Telefonica and the Deutsche Bahn.”
Cryptomining malware threats today are becoming three dimensional,
having the ability to circumvent antivirus applications by dropping
in and launching malicious payloads that can shut down antivirus
processes to evade further detection. As their malware proliferates
through various attack vectors, their illicit mining capabilities
continue to grow exponentially, stealing hundreds and thousands of
dollars over time.
Samide insists, “Playing defense is no longer adequate. When we
developed Zero Day Live, it became the world’s first complete cyber
threat intelligence aggregation platform to spot emerging trends,
uncover actionable information, and report on high-value intelligence
that allows companies to respond quickly to impending threats.”
Stealthcare researchers and technical staff also provide ongoing
assistance to Zero Day Live clients that includes human threat
assessment and, if need be, disaster recovery and new tactics to
thwart future attacks.
The Gartner Research Report for Security Leaders, recognized
Stealthcare’s Threat Intelligence platform, and stated that many
vendors can provide access to information; fewer provide truly
anticipatory content based on customized intelligence.
The Future of Cryptocurrency
“Looking to the future,” Samide says, “Initial Coin Offerings (ICOs)
will continue to pop up. But to maintain their legitimacy,
cryptocurrencies will have to conform to government regulations,
which will transform many of them into more widely accepted digital
currencies to be used routinely in everyday commerce.”
In addition to cryptocurrency warnings and defenses, as well as
alerting its clients of the Atlanta ransomware attack, Stealthcare
predicted the evolution and growing sophistication of malware or
Evoware, which became a reality in 2016 and includes new self-
propagating ransomware mutations.