Crypto-hacking - a new type of data center attacks
Servers captured by hackers for the mining of cryptocurrency can generate thousands of bills for the payment of cloud hosting and consumed electricity.
In February 2018, the well-known manufacturer of electric vehicles Tesla underwent crypto-hacking (cryptojacking). Incorrect configuration of the Amazon Web Services environment allowed hackers to get inside it. However, instead of installing ordinary ransomware programs, viruses, or the banal data theft, hackers installed specialized software that in the background was busy mining the cryptocurrency.
This type of attack is quite difficult to detect. In this case, there is no leakage or loss of data, all accounts remain accessible to their owners, and none of them suspects that someone has entered the system. At the same time, the mining software works in the background, earning money for criminals who do not invest a single penny in this process.
In the first half of 2018, according to Trend Micro's threat report, 10 times more crypto-hacks were detected than during the same period last year. Moreover, according to the cloud security company RedLock, about 25% of companies detect crypto-hacking in their cloud systems. It got to the point that hackers place crypto miners in smartphones, IoT devices and any other devices that can launch a web browser.
If a home PC or another private device has undergone a crypto-attack, the decrease in its performance will be so small that the owner may not even notice it. However, if devices in the corporate network, server in the data center and cloud systems are infected with crypto-miners, users will be faced with a visible decline in application performance, and will begin to generate a huge stream of support calls.
In turn, technical support will spend a lot of time figuring out the reasons for declining performance and will hold a lot of activities in an attempt to restore it, but many of them will be unsuccessful - and the time a good sysadmin works is expensive ... In the end, crypto miners will load the processors to the maximum in the end, it can lead to the collapse of systems that will have to be completely reinstalled, and this will also take a lot of time and money.
In addition, crypto miners during their work will have time to spend large amounts of computing resources and electricity. As a result, the user will receive bills with a sum of tens and hundreds of thousands of rubles. to pay for cloud computing and / or consumed electricity before the real cause of high CPU utilization is detected and eliminated.
You should not be skeptical about crypto-hacking. If it turns out that crypto-mining in your system does not bring sufficient profit to hackers, they can monetize their efforts at any time in another way, for example, launch an extortion program, or merge your database to your competitors.
However, the protracted decline in the Bitcoin rate in October-December 2018 led to the shutdown of many crypto-farms and private miners due to a drop in the profitability of the process, which of course will reduce the power consumption of the Bitcoin network. At the same time, this will provoke a surge of crypto-hacks, and already in January-March 2019 we can witness many reports about their discoveries.
Usually, those who create a mining farm spend significant amounts on its purchase, accommodation, maintenance, energy consumption, and ultimately hope to reach the break-even level in 3-9 months. With a crypto-burglary, all these costs of the owner - the profit of the burglar. The ultimate goal of a hacker is to install mining software on as many systems as possible, while remaining unnoticed. The longer they hide, the more money they earn.
Some other popular cryptocurrencies can be mined on regular PCs instead of specialized processors that require Bitcoin networks, and here also opens up a wide field of action for crypto burglars. After all, software for crypto-mining is available on the Internet, which makes the entrance to this business extremely accessible to any PC user.
In the light of the ever-growing threats of crypto-hacking, the owners of IT systems need to strengthen security measures - use anti-virus protection and vulnerability scanning systems, regularly monitor the operation of IT systems at the process level. For example, in the cloud Cloud4YAll necessary measures have been implemented to prevent crypto-hacking and its distribution. At the same time, all Cloud4Y customers can receive additional technical support for rented virtual machines, as well as virus protection services (DrWeb) and DDoS attacks.
In February 2018, the well-known manufacturer of electric vehicles Tesla underwent crypto-hacking (cryptojacking). Incorrect configuration of the Amazon Web Services environment allowed hackers to get inside it. However, instead of installing ordinary ransomware programs, viruses, or the banal data theft, hackers installed specialized software that in the background was busy mining the cryptocurrency.
This type of attack is quite difficult to detect. In this case, there is no leakage or loss of data, all accounts remain accessible to their owners, and none of them suspects that someone has entered the system. At the same time, the mining software works in the background, earning money for criminals who do not invest a single penny in this process.
In the first half of 2018, according to Trend Micro's threat report, 10 times more crypto-hacks were detected than during the same period last year. Moreover, according to the cloud security company RedLock, about 25% of companies detect crypto-hacking in their cloud systems. It got to the point that hackers place crypto miners in smartphones, IoT devices and any other devices that can launch a web browser.
If a home PC or another private device has undergone a crypto-attack, the decrease in its performance will be so small that the owner may not even notice it. However, if devices in the corporate network, server in the data center and cloud systems are infected with crypto-miners, users will be faced with a visible decline in application performance, and will begin to generate a huge stream of support calls.
In turn, technical support will spend a lot of time figuring out the reasons for declining performance and will hold a lot of activities in an attempt to restore it, but many of them will be unsuccessful - and the time a good sysadmin works is expensive ... In the end, crypto miners will load the processors to the maximum in the end, it can lead to the collapse of systems that will have to be completely reinstalled, and this will also take a lot of time and money.
In addition, crypto miners during their work will have time to spend large amounts of computing resources and electricity. As a result, the user will receive bills with a sum of tens and hundreds of thousands of rubles. to pay for cloud computing and / or consumed electricity before the real cause of high CPU utilization is detected and eliminated.
You should not be skeptical about crypto-hacking. If it turns out that crypto-mining in your system does not bring sufficient profit to hackers, they can monetize their efforts at any time in another way, for example, launch an extortion program, or merge your database to your competitors.
As it is known, mining of crypto-currency consists in the fact that servers solve various mathematical problems of creating new structures (usually we are talking about new blocks in the blockchain) to ensure the functioning of crypto-currency platforms. At the same time, mining is usually reduced to a series of calculations with the search of parameters for finding a hash with specified properties.According to studies by Alex de Vries, an employee of Pricewaterhouse Coopers, conducted in mid-2018, the total energy consumption by the network of the most popular and first cryptocurrency in the world, Bitcoin, could be 7.67 GW to end of this year, which is comparable to the power consumption of a country like Austria (8.2 GW). Imagine how much such a volume of electricity costs to the end user ...
Different cryptocurrencies have different computational models. All of them take a lot of time to find a suitable option, but at the same time the verification of the found solution occurs very quickly. Such calculations are used by cryptocurrency algorithms to provide protection against the reissue (expenditure) of the same units. At the same time, miners are rewarded in the same crypto-currency for using their computing power and supporting the operation of crypto networks.
However, the protracted decline in the Bitcoin rate in October-December 2018 led to the shutdown of many crypto-farms and private miners due to a drop in the profitability of the process, which of course will reduce the power consumption of the Bitcoin network. At the same time, this will provoke a surge of crypto-hacks, and already in January-March 2019 we can witness many reports about their discoveries.
Usually, those who create a mining farm spend significant amounts on its purchase, accommodation, maintenance, energy consumption, and ultimately hope to reach the break-even level in 3-9 months. With a crypto-burglary, all these costs of the owner - the profit of the burglar. The ultimate goal of a hacker is to install mining software on as many systems as possible, while remaining unnoticed. The longer they hide, the more money they earn.
Some other popular cryptocurrencies can be mined on regular PCs instead of specialized processors that require Bitcoin networks, and here also opens up a wide field of action for crypto burglars. After all, software for crypto-mining is available on the Internet, which makes the entrance to this business extremely accessible to any PC user.
In the light of the ever-growing threats of crypto-hacking, the owners of IT systems need to strengthen security measures - use anti-virus protection and vulnerability scanning systems, regularly monitor the operation of IT systems at the process level. For example, in the cloud Cloud4YAll necessary measures have been implemented to prevent crypto-hacking and its distribution. At the same time, all Cloud4Y customers can receive additional technical support for rented virtual machines, as well as virus protection services (DrWeb) and DDoS attacks.