Cryptocurrencies are a highly relevant topic today. Bitcoin has crossed the $30 thousand per coin mark and continues to grow, and along with cryptocurrency prices, the number of incidents related to cryptojacking is increasing.
Cryptojacking is the use of other people's devices (computers, smartphones, tablets or even servers) to secretly mine cryptocurrencies without the knowledge of their owners.
Attackers use cryptojacking methods to steal computing power from infected devices. By pooling all of this power, they can successfully (and, most importantly, without significant costs) compete with large players in the cryptocurrency mining market.
Cryptojacking is not a new threat, but it is evolving rapidly. The prevalence of this type of mining malware tends to fall and rise with the prices of cryptocurrencies. The bad news is that cryptojacking is gaining traction in 2020. 2018 was one of the most successful years for the development and distribution of cryptojacking malware. In 2019, there was a 40% decline at the beginning of the year, followed by a stable infection rate in 2020 with a slight increase until August. These trends are in line with the price of bitcoin over the past three years.
β Monero
C Intel i5 500 Monero . , , IoT, IoT ( , IoT, -, .,
( ). Monero 0,30 . , , . Google 6 . 20 , . , 10 000 20 (0,00005%), 2100 .
, 10 000 ?
β . . (XSS) 1, HackerOne 2019 .
. Lazarus ( ). Group-IB, Lazarus . « : , , Lazarus»
«» , DNS, .
, JavaScript, Go, Ruby, Shell, Python , PowerShell ..
, . , , Docker , Kubernetes .
2020 Cisco - Prometei Monero.
Cisco Talos, Prometei (LoLBins), PsExec WMI, SMB .
15 , , CnC. Cisco Talos , .
Mimikatz . , , EternalBlue : SearchIndexer.exe ( Monero).
At the end of March 2018, Drupal was exposed to a severe remote code execution vulnerability (CVE-2018-7600), which was followed almost a month later by another (CVE-2018-7602); the two were nicknamed Drupalgeddon 2 and Drupalgeddon 3, respectively. As an investigation showed, the remote code execution was used to launch the XMRig Monero cryptocurrency miner.
In June 2019, a new cryptocurrency miner for Mac was discovered, which Malwarebytes identifies as Bird Miner. The malware was distributed in a cracked installer for Ableton Live, high-end music production software.