
Engineers at RedLock, one of the top cloud monitoring and defense firms, noticed something unusual while scanning the internet for unsecured cloud servers: one Kubernetes console (an open source dashboard) was performing crypto-mining on AWS. Further research revealed that anyone could access the console because it was not password protected.

With access to the console, it did not take long for the intruders to determine they could gain entry to a broader range of AWS services and deploy scripts to establish a crypto-mining operation.

This intrusion became more newsworthy than others because the console belonged to Tesla. RedLock researchers submitted their findings to the Tesla bug bounty program and were awarded $3000, which they donated to charity. More importantly, the intrusion called attention to the fact that public cloud platforms are increasingly popular targets of cryptojackers.

Let us look at why cryptojacking has soared in popularity and what can be done to defend against it.

Gain in Popularity

So, what is cryptojacking? Cryptojacking is the secret use of your computing device to mine cryptocurrency.

Why has cryptojacking become so popular? In short, because it is profitable. “Hackers see cryptojacking as a cheaper, more profitable alternative to ransomware,” says Alex Vaystikh, CTO of SecBI. He goes on to explain that a hacker might get three people to pay for every 100 computers infected. However, with cryptojacking, all 100 of those infected computers are mining cryptocurrency for the hacker.

Another reason hackers are turning to cryptojacking is that they are less likely to be identified, even if the operation is caught. Once a hacker deploys the scripts running the crypto-mining operation, months or years may pass before someone detects them. Even when the scripts are discovered, it is difficult to trace them back to the source.

One thing to remember is that cryptojackers are not after confidential data. They are not searching computers to uncover bank accounts or Social Security numbers. All they want is to co-opt your cloud computing cycles. For this reason, many incidents are never reported. For many hackers, cryptojacking is merely a low-risk, high-reward proposition.

Entry Points

Hackers use several tactics to trick users into unintentionally becoming crypto-miners. One of the most popular is through a legitimate-looking email that baits the user into clicking on a link. Within seconds, the link runs code that installs a script on the computer. The script then quietly runs in the background undetected.

Another method hackers use is injecting a script on a website or an online ad. When a user visits the site, they encounter a pop-up in their browser which automatically executes the script. The scripts usually use few resources and do not interfere with general computer usage, making them incredibly difficult to detect. The most sophisticated scripts recognize when you are away from your computer and will then kick into full mining gear.
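A detection sketch for the idle-aware behaviour described above, added here as an example and not taken from the original article: it flags processes whose CPU use stays low while the user is active and climbs once the user is away. The telemetry tuples, process names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean

# Constructed telemetry: (process, cpu_percent, seconds_since_last_user_input)
SAMPLES = [
    ("browser-tab-17", 4.0, 5), ("browser-tab-17", 6.0, 20), ("browser-tab-17", 5.0, 40),
    ("browser-tab-17", 92.0, 600), ("browser-tab-17", 95.0, 900),
    ("browser-tab-17", 94.0, 1200), ("browser-tab-17", 95.0, 1500),
    # Busy while the user is present too: looks like a user-started workload.
    ("video-encoder", 88.0, 10), ("video-encoder", 90.0, 30), ("video-encoder", 89.0, 15),
    ("video-encoder", 91.0, 700), ("video-encoder", 90.0, 1000), ("video-encoder", 89.0, 1300),
    # One idle spike only: too little evidence to flag.
    ("indexer", 3.0, 5), ("indexer", 2.0, 25), ("indexer", 4.0, 50), ("indexer", 80.0, 800),
    ("backup-agent", 2.0, 10), ("backup-agent", 3.0, 30), ("backup-agent", 2.0, 45),
    ("backup-agent", 5.0, 600), ("backup-agent", 4.0, 900), ("backup-agent", 6.0, 1200),
]

def split_by_user_state(samples, idle_after_s=300):
    """Group CPU readings per process into 'active' and 'idle' buckets."""
    buckets = defaultdict(lambda: {"active": [], "idle": []})
    for process, cpu, since_input in samples:
        state = "idle" if since_input >= idle_after_s else "active"
        buckets[process][state].append(cpu)
    return buckets

def flag_idle_bursts(samples, idle_after_s=300, high=70.0, low=15.0, min_samples=3):
    """Return (process, active_mean, idle_mean) for processes that stay quiet
    while the user is present and run hot once the user is away."""
    flagged = []
    for process, b in sorted(split_by_user_state(samples, idle_after_s).items()):
        if len(b["active"]) < min_samples or len(b["idle"]) < min_samples:
            continue  # not enough readings in both states to compare
        active_mean, idle_mean = mean(b["active"]), mean(b["idle"])
        if active_mean <= low and idle_mean >= high:
            flagged.append((process, round(active_mean, 1), round(idle_mean, 1)))
    return flagged

if __name__ == "__main__":
    for process, active_mean, idle_mean in flag_idle_bursts(SAMPLES):
        print(f"{process}: {active_mean}% CPU while active, {idle_mean}% while idle")
```

A flagged process is a lead for review rather than a verdict, since scheduled jobs such as backups or indexing can also be configured to run only when the machine is idle.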

The makers of the Opera browser have created a cryptojacking test which will test your browser for any infections. Other test sites exist, but few are as quick and easy as this one.

Prevention

The skyrocketing value of cryptocurrencies is encouraging hackers to change their nefarious tactics. Many have evolved from stealing sensitive data to stealing computer cycles on local systems as well as in companies’ public cloud environments.

What can you do to prevent being a victim of cryptojacking?

Conclusion

Will cryptocurrencies continue their torrid growth in popularity and value? That is anyone’s guess. However, as more companies move applications to the cloud, the opportunity for hackers to tap into your cloud computing resources increases.

Unfortunately, it does not require much technical skill or resources for a hacker to get started in cryptojacking. For as little as $30, anyone can purchase a cryptojacking kit off the dark web.

Experts expect cryptojacking to become as famous as ransomware over the next year. That is bad news for IT departments, but taking these few steps mentioned above can reduce your risk.
