NTT Security Issues Warning On Crypto-Mining Malware

NTT Security and Global Threat Intelligence Center (GTIC) investigators have issued a forewarning on crypto mining malware in today’s report. NTT Security can access 40% of the globe’s internet traffic while GTIC has detected about 12,000 crypto-mining malware samples since March 2015.

Similar to other malicious software, crypto-mining malware affects computers through channels. NTT Security confirmed that phishing emails had become the most frequently used method in transmitting the malware. The software works through siphoning of power and resources of the host computer to mine digital currencies without permission of the owner, as the mining proceeds are sent to the malware creator.

Also, there is another method via which unsuspicious device owners have their PC’s power hijacked with the objective of mining digital coins without installing malware into the host computer. A PC referred as Coinhive provides a JavaScript-based cryptocurrency miner whereby a website embeds in its code to use different computing resources linked to that site and end up mining virtual currency.

Primarily, Coinhive permit websites to unnoticeably mine cryptocurrency by applying your computer resources while they are linked to the site. The objective of Coinhive is to give an option revenue generation mechanism to digital media suppliers who prefer not to depend on promotion as their revenue source. In spite of the benign Coinhive intentions, their tool can be abused on a big scale. For instance, NNT Security confirmed that approximately 38,000 websites have Coinhive’s JavaScript-based miner attached to the attackers’ code.

NTT threat-research analyst, Terrance DeJesus said, “The utilization of coin miners will undoubtedly develop and become more advanced with time, perhaps established with other malware, for instance, ransomware and banking Trojans. There are critical business applications if the current threats will be ignored. We are motivating all firms to become more watchful of cybersecurity perils to their business. There are usually effective and simple ways of mitigating risks, but the most noticeable ones are normally overlooked.”

Cryptocurrency that can be mined through this way is Monero (XMR) whereby the privacy-oriented coin disguises transactions on blockchain making it difficult to view the amounts and addresses involved, and preventing hackers from tracking the processes of any provided XMR.

Likewise, Monero blockchain hides users XMR balances. Hence a public “rich list” isn’t accessible. The Monero opacity has contributed to an increase in crypto on the Dark Web. Last year, WannaCry cyber hackers in recent times converted a big portion of ill-gotten BTC gains to XMR. While the criminals’ association has led to a negative public Monero conception, it also gives more highlight on the coin’s efficacy in sustaining anonymity.

Also, Monero has exhibited an exponential development in cost since it was debuted in 2014 at $2.45 for each coin. XMR is now valued at approximately $333 per coin, from its high price of $494.16 in December last year. NTT is recommending all organizations to take the following steps in ensuring that their PC resources are not exposed and exploited to crypto-mining malware:

• Perform frequent risk assessments to discover possible vulnerabilities.
• Apply a defense-in-depth method to cybersecurity, for instance, putting multiple security layers in place to minimize exposure threats.
• Frequently update devices and systems with modern patches, and deploy detection, prevention and intrusion systems to stop attacks.
• Train employees on the way to handle suspicious & unsolicited email links, phishing attacks, and file attachments.
• Proactively, examine network traffic to spot malware infection, and paying close attention to mobile and security devices.