What is cryptohacking and how can it affect my business?
Any seemingly easy way to make money quickly becomes the center of attention, and many of those it attracts do not have good intentions. Whenever there is the slightest chance of taking a shortcut, even an unethical or outright illegal one, ingenuity is put to work getting money at all costs. This has been the case for as long as the Internet has existed.
Since its inception, indiscriminate spam has given way to more sophisticated methods, such as theft of credentials and bank details, or infections that made our devices send spam in bulk or display advertising everywhere. Others “hijacked” our data in exchange for a ransom to free it (which normally did not happen) or integrated our computers into botnets for countless purposes, such as launching distributed denial-of-service (DDoS) attacks from millions of infected computers, attacks that are normally contracted and paid for, or simply making our computers visit websites or click on links without their users seeing it.
To a greater or lesser extent, all of this was obvious and very annoying for the user, but criminals (whom we will not call hackers, given the most recent and, in my opinion, most correct definition from the RAE) have found methods that are much more lucrative and less obvious to the infected user. We are talking about cryptohacking.
Someone could “mine” cryptocurrencies using the electricity and hardware of your business without you noticing
Obviously, we are talking about methods of obtaining cryptocurrencies in totally illegitimate ways. The most obvious is also the best known: stealing credentials, and therefore the private keys to your own cryptocurrencies, as has been done historically with keyloggers, spyware that records every keystroke on our keyboards. Another form of attack exploits vulnerabilities in exchange or trading services, which leads to massive thefts of large sums of money that, given the anonymity of the protocols on which cryptocurrency networks are based, are practically impossible to recover. In more mundane terms, if credential theft is the equivalent of having our wallets stolen, robbing exchanges or trading services is the equivalent of robbing a bank branch.
But these elaborate methods go much further, targeting users’ hardware resources. As we have already discussed in other articles about bitcoin, in most cryptocurrency networks transactions are validated through proof-of-work puzzles that earn a commission for the “miners” who solve them. The biggest problem for the profitability of this operation is that the difficulty of these puzzles is gradually readjusted according to the number of “miners” connected. Solving them therefore requires ever more processing capacity and, consequently, more electricity. This normally leads to very large “farms” of cryptocurrency mining systems, which operate legitimately but incur very high costs for hardware, housing and, especially, electricity.
Given this situation, criminals find it very profitable to simply keep infecting computers, but instead of sending spam or launching DDoS attacks on specific targets, they dedicate the resources and electricity of the unfortunate infected user to mining cryptocurrency for their own benefit. The sophistication is such that, so the user does not notice the infection or see the computer slow down excessively, CPU usage can be adjusted automatically to consume only idle CPU, which means the infection will take much longer to be cleaned up.
Your company’s website is at risk of being the target of cryptohacking
Unsurprisingly, the option of making website visitors mine bitcoins for the criminals’ benefit has opened up a new field for cryptohacking. Instead of infecting “end users”, the aim is to attack vulnerable websites so that they include these mining libraries in their headers. All visitors then mine cryptocurrencies without either they or the owners of the websites in question being aware of what is happening. As an example, just a few days ago the researcher Scott Helme published a study that identified more than 4,000 websites infected in this way, including some governmental ones.
As times change, the objectives and methods used by criminals also change, but it is always vitally important to protect all our systems with specific and professional solutions such as those provided by Sarenet in terms of web application firewalls or perimeter security.