While the crypto industry grows by leaps and bounds, issues of security still linger over it. Besides the many reported cases of people getting scammed out of their money through shady ICOs and investment schemes, the market is also awash with hackers targeting unsuspecting computer owners to steal their computers’ processing power and use it to mine cryptos right under the victim’s nose.
Trend Micro, a popular cyber security firm, has discovered something new. In earlier days, hackers used malware that hijacked the victim’s computer but could be detected by anti-virus software. Now, the cyber criminals have come up with something stealthier.
Hard To Detect
According to a report released by Trend Micro, the new malware is virtually undetectable even by anti-virus software. It uses a trick known as “hollowing,” whereby a hacker uses a malware dropper to inject a dormant script or trojan horse onto a target computer. Since the script is dormant and seemingly harmless, it’s not flagged as a threat by the anti-virus or other security features on the victim’s computer.
However, the “dormant” code can be remotely activated by the hacker via a series of specific commands that make it executable and start mining Monero cryptocurrency using the processing power of the target computer. All this happens stealthily and without detection. Once the crypto is mined, it’s then sent to the hacker’s wallet. Hackers choose to mine Monero by virtue of the crypto’s absolute privacy setting, meaning that it can’t be traced. The hacker can choose to activate or deactivate the hidden code at specific times, making it much harder to detect.
Not The First One
Despite being the most lethal yet, this recent trick isn’t the first that hackers have used to mine cryptos on other people’s computers. Many cryptojacking tricks and malware have been discovered over the years. Back in September, Trend Micro reported another malware called Glupteba that now seems to have mutated from its earlier version discovered by WeLiveSecurity back in 2011.
Apparently, the new version gains access to the victim’s computer via malvertising, whereby it downloads itself onto the person’s computer if the person clicks on shady online ads containing it. The malware then establishes a connection with the hacker’s server by scanning Bitcoin’s blockchain records to find the hacker’s hidden codes. With that, the hacker can remotely control the victim’s computer and mine crypto.
Trend Micro opines that the overall percentage of malware attacks in crypto mining has increased over the last year. However, the number of detected cases has decreased as hackers find new and more creative ways to stay stealthy. In this case, Trend Micro’s report seems to conflict with another report released by Check Point, another cyber security firm, back in July 2019. According to Check Point, the overall number of such attacks has fallen from 42% to 26%, comparing two 6-month time periods of 2018 and 2019.