
PowerGhost Is An Innovative Crypto Mining Malware, Mostly Targeting Corporate Networks

Unauthorized crypto mining malware recently discovered by Kaspersky Labs is affecting corporate networks worldwide. The computer security firm said that so far the countries most affected by this virus are India, Brazil, Colombia, and Turkey. The cryptojacking malware was named PowerGhost because it is difficult to detect, an advantageous feature for unauthorized mining malware.

The firm’s experts explained that, once it gets onto the victim’s device, it escalates its privileges through vulnerabilities in the operating system and begins to mine cryptocurrencies in the background.

Among the countries with the highest incidence of this virus attack are Brazil and India, with 200 to 290 users affected, followed by Colombia and Turkey, where between 110 and 200 users were infected, according to SecureList data.

Like any other crypto mining malware, PowerGhost takes processing power from infected devices and uses it to solve the puzzle that validates a block of cryptocurrency transactions. This process, known as cryptojacking, requires a large amount of computational resources and can cause the affected devices to overheat and lag.

PowerGhost crypto mining malware is mostly focusing on corporate networks

In this particular case, the virus seems to be focused on corporate networks, so it also attacks server performance and accelerates wear and tear, generating replacement costs.

Kaspersky Labs warns that, compared to most malware of this type, PowerGhost is more difficult to detect because it doesn’t need any files to work. That means it does not download malicious files to the devices it infects, making it easier to operate without being noticed.

Moreover, experts identified a version of this crypto mining malware that contains a tool for DDoS (Distributed Denial of Service) attacks which can paralyze networks and servers.

A technical analysis of this malware published by SecureList shows that cybercriminals are using increasingly sophisticated techniques to achieve their goals. They believe that the devs of PowerGhost went further by using “file-less” techniques to deploy the cryptojacking software on their victims’ systems.

It seems that the growing popularity and the increasing prices of cryptocurrencies have pushed cybercriminals to develop new malicious crypto mining software. As the data shows, cryptojacking malware programs are gradually replacing ransomware Trojans.


Cryptojacking Affected More Than 1 Million Computers In China – 20 Chinese Cyber Attackers Arrested

An investigation by Chinese authorities revealed that over the course of two years, more than 1 million computers were infected with crypto mining malware, which would have resulted in illicit profits of more than $2 million for computer criminals. The operation resulted in the arrest of 20 suspects from the technology firm Dalian Shengping Network Technology and another management software distribution company accused of implementing cryptojacking.

According to police reports, hackers were able to extract 26 million units of DigiByte (DGB), Decred (DCR) and Siacoin (SC), valued at 15 million yuan (about $2.2 million).

Cryptojacking involves using the processing power of a computer for crypto mining

The scheme was discovered after the security team at Tencent Holdings Limited alerted public safety authorities about a “Trojan” crypto mining script hidden in free downloadable plug-ins. Hackers developed and embedded the malware in these add-ons which they offered through advertisements that promised user benefits, such as improved browsing speed. Infected files reached 5 million computers in China.

The software was programmed to initiate the mining script once it detected that the computer’s CPU usage was less than 50%. In this way, it ran quietly in the background. The hackers also reportedly developed a network of more than 100 agents to help spread the malware, hidden in software for the administration of Internet cafe networks.

20 Chinese arrested for cryptojacking

Of the total of 20 people arrested in this case, 11 were released on bail, while nine others remain behind bars.

Cryptojacking has captured the interest of cybercriminals, generating a significant increase in attacks via crypto mining malware between 2016 and 2018, according to a study by the cyber security company Kaspersky Labs. This report seems to indicate a migration of hackers from ransomware attacks to hidden crypto mining.

Large companies have also been affected by cryptojacking, and, in February, cybersecurity firm RedLock reported attack cases at electric car company Tesla Inc, Gemalto, the world’s largest SIM card manufacturer, and international insurance company Aviva.
