If you use IoT devices to store personal information, you might be vulnerable to Cryptocurrency-mining malware. Darktrace, a private investigation firm, recently discovered unusual patterns of traffic on cryptocurrency servers.
They discovered that crypto mining systems were coming online at night and hidden under floorboards. Sadly, such practices are not uncommon. To learn more about how Cryptocurrency-mining malware affects IoT devices, read on.
Cryptocurrency tech's security weaknesses
A growing number of security flaws are cropping up in cryptocurrency and smart contract platforms, with some of them being so fundamental that they could even compromise how the system operates.
The most recent vulnerability came with the Bitcoin Core software, which has a secret bug that could allow an attacker to mint more bitcoins. The recent headline-grabbing hacks weren't blockchain attacks, but rather attacks on exchanges. Most of them were a result of weak security practices.
A new paper by cybersecurity researcher Mashael Al Sabah of the Qatar Computing Research Institute reveals how cryptocurrency's blockchain technology could be vulnerable to hackers. Sifting through publicly available data could give a thief the real identity of a crypto investor or account holder.
Cryptocurrency tech's security weaknesses on IoT devices
The IoT is full of embedded sensors and other devices that record consumer data and user activity. Many companies aren't bothered to update these devices, and millions of them are still unpatched and insecure. These are disposable devices, and most companies won't bother to patch them.
Darktrace discovered that IoT device security has uncovered 15-20% more unsecured vulnerabilities than previously believed. This problem is likely to grow as we become more reliant on IoT devices. By 2030, there are projected to be 25.4 billion active IoT devices.
The IoT is full of vulnerabilities, but they don't necessarily mean that Bitcoin is at risk. The IoT is still susceptible to malware, and many devices are vulnerable. The Mirai Botnet orchestrated a massive distributed denial of service attack by exploiting the security weakness of ordinary IoT devices.
Cryptocurrency-mining malware on IoT devices
It seems counter-intuitive to use a connected device to mine for cryptocurrency. IoT devices typically use less power than a laptop or server. Yet cryptocurrency mining is a growing trend for cybercriminals.
As the Internet of Things grows, so does the number of connected devices. Criminals often target unmonitored appliances and IoT devices, making them attractive targets for attacks. Because many of these devices do not have anti-malware software, they are susceptible to simple exploits such as weak passwords and unpatched vulnerabilities.
The malicious miner will spread via any method available, including drive-by download, phishing, malvertising, social engineering, and worm propagation. Worms are a popular infection vector for ransomware families. In 2017, WannaCry, Mirai, and Bricker-Bot all used worms as their infection vector.
Cryptocurrency tech's security weaknesses
A growing number of security flaws are cropping up in cryptocurrency and smart contract platforms, with some of them being so fundamental that they could even compromise how the system operates.
Coinbase, for example, recently noticed unusual activity on Ethereum Classic, a popular cryptocurrency exchange platform that uses the blockchain to record all transactions. The flaws, some of which are fundamental, are the fault of the cryptocurrency exchange's developers.
The most recent vulnerability came with the Bitcoin Core software, which has a secret bug that could allow an attacker to mint more bitcoins. The recent headline-grabbing hacks weren't blockchain attacks, but rather attacks on exchanges. Most of them were a result of weak security practices.
Therefore, it's crucial to strengthen cryptocurrency security as much as possible. The following are some of the most common security flaws and how they may impact the cryptocurrency market.
A new paper by cybersecurity researcher Mashael Al Sabah of the Qatar Computing Research Institute reveals how cryptocurrency's blockchain technology could be vulnerable to hackers. Sifting through publicly available data could give a thief the real identity of a crypto investor or account holder.
These vulnerabilities are a warning that blockchain technology is not foolproof. It's important to be cautious, though, as it's impossible to know if it's completely secure.
Cryptocurrency tech's security weaknesses on IoT devices
The IoT is full of embedded sensors and other devices that record consumer data and user activity. Many companies aren't bothered to update these devices, and millions of them are still unpatched and insecure. These are disposable devices, and most companies won't bother to patch them.
Just like major phone vendors don't update their software on two to three-year-old phones, these disposable devices can remain connected to their networks for years to come.
Darktrace discovered that IoT device security has uncovered 15-20% more unsecured vulnerabilities than previously believed. This problem is likely to grow as we become more reliant on IoT devices. By 2030, there are projected to be 25.4 billion active IoT devices.
With a growing dependence on these devices, a single overlooked misconfiguration could compromise the security of a household.
The IoT is full of vulnerabilities, but they don't necessarily mean that Bitcoin is at risk. The IoT is still susceptible to malware, and many devices are vulnerable. The Mirai Botnet orchestrated a massive distributed denial of service attack by exploiting the security weakness of ordinary IoT devices.
Moreover, the security of IoT devices relies on the client-server architecture, which makes it easier for hackers to infect a system by exploiting the vulnerabilities of a single vulnerable device.
Cryptocurrency-mining malware on IoT devices
It seems counter-intuitive to use a connected device to mine for cryptocurrency. IoT devices typically use less power than a laptop or server. Yet cryptocurrency mining is a growing trend for cybercriminals.
Researchers recently found that a malicious actor offered a Monero miner for routers that were infected with malware. This malware was then later attacked by a more experienced member.
As the Internet of Things grows, so does the number of connected devices. Criminals often target unmonitored appliances and IoT devices, making them attractive targets for attacks. Because many of these devices do not have anti-malware software, they are susceptible to simple exploits such as weak passwords and unpatched vulnerabilities.
Once installed, the crypto mining software will work alongside other malware, stealing valuable information from your system.
The malicious miner will spread via any method available, including drive-by download, phishing, malvertising, social engineering, and worm propagation. Worms are a popular infection vector for ransomware families. In 2017, WannaCry, Mirai, and Bricker-Bot all used worms as their infection vector.
Malicious mining malware can copy worms and install them on IoT devices. They can also buy bots from underground markets for a fraction of the cost of a legitimate antivirus software download.