Cybersecurity Group Links Illicit Mining To NSA-Developed Exploit

- Advertisement -

September 19, 2018 9:35 PM

The Cyber Threat Alliance reports that an increase in cryptojacking stems from the 2017 leak of the NSA creation EternalBlue.

Instances of cryptojacking, the practice of stealing the processing power of computers for the purpose of mining cryptocurrency, have skyrocketed over the past year, increasing 459 percent according to a recent report issued by the Cyber Threat Alliance, a nonprofit membership organization chartered by the likes of Symantec and Cisco. And the cryptojackers are using a tool that won’t seem to go away.

According to the report, cryptojackers are facilitating their attacks using EternalBlue, a vulnerability exploit conceived by the National Security Agency (NSA). The agency intended to keep the knowledge of the vulnerability to itself after discovering it, but in April 2017 the hacker group The Shadow Brokers obtained and publicly released the information. The exploit was quickly used in several high-profile cyberattacks, including the WannaCry ransomware.

Microsoft blamed the NSA in a public statement, saying, “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem … We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.” Microsoft created a patch to eliminate the EternalBlue vulnerability, but according to the Cyber Threat Alliance, more than a year later many businesses still haven’t installed the patch on their machines.

Though they are still using an old technique to breach the security of computer systems, cryptojackers do have some new tricks and are becoming more sophisticated. For one, they are now attacking machines other than just computers. “Attackers are increasingly targeting internet-of-things (IoT) devices, despite their lower processing power,” the report claims. “The targeting of routers and media devices, such as smart TVs, cable boxes, and DVRs, are on the rise.”

- Advertisement -

And when attacking computers, cryptojackers have new ways of evading detection. Some configure their software to the keep the CPU usage below a noticeable level. “[M]ore sophisticated attackers configured their mining software to only use 20 percent of the machine’s CPU. Other examples stop mining when mouse movement is discovered.”

The report also raised the possibility that cryptojacking could become a front on which nation-states begin attacking each other, especially over the long term, as more countries issue national cryptocurrencies. Cryptojacking could be used “as a form of economic warfare to destabilize economies,” says the report. “Illicit cryptocurrency mining by malicious actors could be used to drive up inflation or initiate 51 percent attacks, limiting the ability of a central government bank to control their economies.”

The good news, though, is that for now the Cyber Threat Alliance believes “network defenders have the ability to disrupt the activities of illicit miners by raising their costs and forcing them to change their behavior.”

- Advertisement -

Getting that EternalBlue patch might be a good place to start.

Tim Prentiss is a writer and editor for ETHNews. He has a master’s degree in journalism from the University of Nevada, Reno. He lives in Reno with his daughter. In his spare time he writes songs and disassembles perfectly good electronic devices.

Like what you read? Follow us on X @Bitnewsbot to receive the latest NSA, EternalBlue or other Ethereum technology news.



Previous Articles:

- Advertisement -

Latest News

Nissan Recalls 480,000 Vehicles; Stock Surges Despite Engine Issue

Nissan is recalling over 480,000 vehicles in the U.S. and Canada due to engine...

Bitcoin Risks $2.67B in Longs if Price Falls Below $108K Level

Bitcoin's price approaches its all-time high, with traders watching for signs of a breakout...

CrowdStrike Stock Hits Record High After Analysts Hike Price Target

CrowdStrike Holdings (CRWD) stock reached an all-time high with a gain of more than...

Amber International Raises $25.5M to Grow $100M Crypto Reserve Fund

Amber International Holding raised $25.5 million in a private placement to expand its $100...

Traders Flock to Hyperliquid Apps Amid Hopes for Airdrop Rewards

Investors are moving millions into projects on the Hyperliquid blockchain in hopes of future...

Must Read

9 DePIN Programs For Passive Income

Here’s something most people don’t realize: your smartphone and PC can generate passive income with almost no effort.I’m not talking about clicking ads for...