Tag: bitcoin | Qualys Blog

New Frontiers In Cryptojacking

Posted by Tejas Girme in Qualys Technology, Security Labs on December 17, 2018

Cryptojacking attacks are evolving over time to better evade detection by both end users and protection technologies. It’s therefore important for security teams to understand how these attacks work so they can best protect their system resources. In a recent talk at AVAR 2018, Qualys Malware Research Labs presented an analysis of several evasion techniques used by attackers to deliver the Cryptojacking code to web browser and how existing protection technologies stack up against them.

About Cryptojacking

Cryptojacking attacks leverage the victim system’s resources via malicious JavaScript to mine certain cryptocurrencies. Attackers carry out these attacks by infecting popular sites with JavaScript that enables cryptojacking. Any visitor to such sites will download the JavaScript and unknowingly contribute its system resources to mine a cryptocurrency that is added to the attacker’s wallet.

Early Cryptojacking Attacks

CoinHive was the first browser-based CryptoMining service provider. They made it possible to enable browser-based mining on a website by embedding just a few lines of code. Adversaries seized this opportunity and Cryptojacking attacks became prevalent.

*Figure 1*: JavaScript code that initiates Cryptojacking inside a website.

No Comments
Permalink
Tags: bitcoin, coinblocker, crypto mining, cryptocurrency, cryptojacking

Staying Safe in the Era of Browser-based Cryptocurrency Mining

Posted by Abhijit Limaye in Qualys Technology, Security Labs on July 25, 2018

Qualys Malware Research Labs is announcing the release of Qualys BrowserCheck CoinBlocker Chrome extension to detect and block browser-based cryptocurrency mining, aka cryptojacking.

Cryptojacking

Cryptojacking attacks leverage the victim system’s resources via malicious JavaScript to mine certain cryptocurrencies. Attackers carry out these attacks by infecting popular sites with JavaScript that enables cryptojacking. Any visitor to such sites will download the JavaScript and unknowingly contribute its system resources to mine a cryptocurrency that is added to the attacker’s wallet. The resource-intensive mining process is carried out on victim systems typically consumes more than 70% of CPU, that reduces system performance, increases power consumption and can cause possible permanent damage to the system.

1 Comment
Permalink
Tags: bitcoin, browsercheck, crypto mining, cryptocurrency

Cryptomining is all the rage among hackers, as DDoS amplification attacks continue

Posted by Juan C. Perez in Qualys News, Qualys Technology on March 9, 2018

In this week’s InfoSec news review we’ll dive into cryptomining, get the latest on DDoS amplification, go over recent data breaches, and check out another vendor claiming it can crack iPhones.

I, me, mine

The freight train that’s cryptomining shows no sign of slowing down, and the cyber security implications are intensifying accordingly.

This week alone, Microsoft detected and disrupted a massive cryptomining malware campaign, a Tesla AWS account got hijacked, a new mining worm was discovered, and Kaspersky researchers warned about increased sophistication of infection methods.

While there is a legitimate component to this business, malicious hackers eager to profit are aggressively breaching networks and infecting devices — PCs, IoT systems, smartphones, servers — to steal computing power for mining virtual currencies.

No Comments
Permalink
Tags: bitcoin, cryptocurrency, virtual currency