Cryptojacking is the latest buzzword in the crypto-community. The premise is simple: wannabe miners secretly install software on unsuspecting devices or websites, which hijacks the victim’s computing power to mine cryptocurrency. This usually comes with a little bit of social engineering and well-designed malware that hides on the victim’s computer, website, or cloud. And the problem is growing more severe, according to IBM-managed SecurityIntelligence.
In the ‘old days’ of cryptojacking, miners would deliver the software through infected files which would then be stored directly on the victim’s hardware. But times have changed. Now, hackers simply inject scripts into websites which then harness visitors’ computing power in order to illicitly mine CPU-based cryptos.
Browser-based mining is an idea that began with good intentions. It was marketed with web-publishers and web-browsers in mind. Website owners could forgo obnoxious advertising campaigns and still receive a kickback from a growing number of visitors. Additionally, the average web junkie could install their own browser plug-in in order to capitalize on their time spent scrolling through Reddit. Sounds like a great deal, right?
Well, like most good ideas, this one was quickly corrupted. The popular CoinHive browser-based mining plug-in was mimicked and repurposed with arguably malicious intent. “We thought most sites would use it openly, letting their users decide to run it for some goodies, as we did with our test implementation on pr0gramm.com before the launch. Which is not at all what happened in the first few days with Coinhive,” an anonymous member of the CoinHive team told Motherboard.
It may be time to update the list of internet rules. Rule 34.5: If it exists, people will mine with it.
Tesla is becoming increasingly familiar with this new rule. Back in November, what started as a joke on Facebook quickly became a reality as a Tesla owner posted photos of a bitcoin mining rig in the back of his trunk, powered by a free Tesla charging station. While controversial, the act was little more than a talking point that went viral for a week.
Elon Musk’s latest headache, however, is certainly cause for concern.
On February 20, RedLock security researchers released a report outlining a cryptojacking incident that targeted Tesla’s Amazon S3 cloud service. Hackers gained access to the company’s login credentials and installed complex mining pool software. Not only was Tesla briefly mining cryptos without knowing it, private data was also compromised. The software was promptly removed, but this is only one incident in a recent trend of high-profile cryptojacking cases.
Earlier in the month, over 5,000 websites were hit with crypto-mining malware, including major UK government-operated sites. The script was inserted into a popular plug-in, BrowseAloud, which is meant to help blind and partially sighted individuals browse the web.
“This type of attack isn’t new – but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States,” noted Scott Helme, an IT security consultant.
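The BrowseAloud case comes down to thousands of sites executing whatever one third-party host serves. As an added example (not part of the original article), this Node.js script audits a page's external scripts against Subresource Integrity hashes, a browser mechanism the article itself does not mention; the hosts, script bodies and the `loadMiner` name are constructed for illustration.

```javascript
const crypto = require("crypto");

// SRI value for a script body, in the form browsers expect: "sha384-<base64 digest>".
function sriHash(body) {
  return "sha384-" + crypto.createHash("sha384").update(body, "utf8").digest("base64");
}

// Pull every external <script src=...> out of an HTML string, with its integrity value if any.
function externalScripts(html) {
  const out = [];
  for (const m of html.matchAll(/<script\b([^>]*)>/gi)) {
    const attrs = m[1];
    const src = /\bsrc\s*=\s*["']([^"']+)["']/i.exec(attrs);
    if (!src) continue; // inline script: nothing is fetched from a third party
    const integrity = /\bintegrity\s*=\s*["']([^"']+)["']/i.exec(attrs);
    out.push({ src: src[1], integrity: integrity ? integrity[1] : null });
  }
  return out;
}

// Classify each external script given what its host is serving right now.
// `served` maps script URL -> current body (fetched out of band by the auditor).
function auditPage(html, served) {
  return externalScripts(html).map(({ src, integrity }) => {
    if (!integrity) return { src, status: "unpinned" }; // runs whatever the host serves
    const ok = integrity.split(/\s+/).includes(sriHash(served[src] ?? ""));
    return { src, status: ok ? "match" : "MODIFIED" }; // a browser refuses MODIFIED scripts
  });
}

// Constructed sample data: hypothetical hosts and script bodies.
const original = "function readAloud(t){/* accessibility helper */}";
const tampered = original + ";loadMiner();"; // extra code added at the supplier
const page = `<html><head>
<script src="https://plugin.example/reader.js" integrity="${sriHash(original)}" crossorigin="anonymous"></script>
<script src="https://cdn.example/widget.js"></script>
<script>console.log("inline")</script>
</head></html>`;
const served = {
  "https://plugin.example/reader.js": tampered,
  "https://cdn.example/widget.js": "widget();",
};

console.log(auditPage(page, served));
```

A pinned script that changes upstream is reported as `MODIFIED`, while an unpinned one gives the site no signal at all when its supplier is compromised.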
While these incidents may be shocking, there may be even more troublesome implications for the world’s critical infrastructure.
As the Internet of Things continues to seep into every aspect of our lives, infrastructure is undoubtedly impacted. Traffic lights, pipelines, nuclear plants, supply chains, electrical grids, and countless other overlooked and underappreciated tools in our increasingly complicated web of connectivity are becoming more vulnerable to attack, malicious or not. Even your smart TV can be hijacked for crypto-mining while you’re pretending to not binge watch 10 seasons of Friends.
While mining may be the most innocent application of security gaps in this mess of data streaming, it still has potentially dire consequences. But more worrying is the impact on the world’s most important infrastructure.
Critical infrastructure isn’t labeled as critical for the sake of it… it’s labeled as such because it’s absolutely necessary in our daily lives. Already, there have been numerous accounts of hackers infiltrating some of the world’s most important systems, even through simple phishing scams.
It’s not my intention to blame those falling victim to these vulnerabilities, or even those exploiting these vulnerabilities – only to point out that as technology progresses, it is important to be aware of the potential threats that could derail the progress we’ve made.
Don’t fear your smart-fridge; just enable some ad-blockers, don’t click random links in emails, keep your anti-virus protection up to date and definitely always double-check the domain you’re browsing.
As critical as this infrastructure may be, it is equally critical that the security of this infrastructure remain a top priority – and this includes protecting yourself from social engineering, whether you are a high-ranking Tesla employee or a casual Reddit commenter.
By Michael Kern via Crypto Insider