With the popularization of cryptocurrency and cryptomining over the last few years, a new style of cyber attack has emerged.
During 2018, many analysts began to warn people about the problems of “cryptojacking”—a hacker hijacking a computer to use it for mining cryptocurrency.
Now, the hackers are attacking the cloud-based infrastructures used by companies.
AT&T Cybersecurity study reports enterprise cloud infrastructure vulnerabilities
A new study released by AT&T Cybersecurity reveals that this is now the most common type of attack aimed at cloud infrastructures. Even though cryptocurrencies are losing some of their novelty, and the values are starting to decline, there is no evidence that these types of attacks will slow down.
In fact, the difficulty in blocking them and dealing with the infections may cause hackers to turn to them more often. Many hackers are now looking at cryptojacking as a means of making a substantial amount of money with little to no risk of being identified and prosecuted; often, victims of the attack don’t even know they’ve been hacked.
How cryptomining works
With cryptocurrency transactions, miners use computers to solve complex mathematical computations. The one who does this the fastest is given a bonus/percentage of the transaction.
Hackers are hijacking computers to process these computations. By networking dozens (or even hundreds) of computers together, they can complete the computations faster than others and earn the bonus. The victimized computer will slow down because its CPU is being used beyond normal levels.
The AT&T research showed that container management platforms and API keys have been a weak point in cloud-based infrastructures. For instance, Tesla’s server was recently breached in this manner and used to mine for Monero, a cryptocurrency. Furthermore, the same domain used in this hack has also been linked to other malware infections. With API keys, hackers are actively scanning the web looking for sites with open API keys that can be compromised. Once they find one, they go after the accounts that are linked to these keys.
Web hosting services are identified as targets as well
Web hosting services have also been targeted recently. Original website production has blossomed in the last few years with the booming e-commerce industry. The Vesta control panel (VestaCP), which is used by some web hosting platforms, was recently discovered to have a vulnerability that left it open to cryptojacking. This vulnerability allowed a Monero miner access to the web hosts that were running the control panel.
The best way to prevent cyber attacks from hackers
The best way to prevent these hacks is to keep your software updated frequently. When a flaw that allows hackers access is found in a piece of software, it usually takes a few days for hackers to take advantage of it. So, the best defense is to automatically install security patches as soon as they’re rolled out.
Users should utilize strict password protocols including strong passwords and lock-outs as a means to prevent brute force attacks. All of these can be used to protect your cloud-based computing, but ultimately, your cloud host will be the main line of defense. If a host notices heavy traffic that may indicate cryptojacking or other hacks, it should alert users immediately.
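The sustained CPU load described under "How cryptomining works" is a signal that a host or tenant can alert on. The sketch below is an added example, not part of the AT&T study: it flags hosts whose CPU stays far above their own baseline for several samples in a row. The host names, thresholds and per-minute readings are constructed assumptions.

```python
from statistics import median

def find_sustained_load(samples, baseline_n=6, margin=40.0, floor=85.0, min_run=5):
    """Return (start, end) index runs where CPU% stays at or above the alert
    threshold for at least min_run consecutive samples.

    The threshold is relative to the host's own early history, so a machine
    that is normally busy is not flagged just for being busy. (Assumption:
    the first baseline_n samples were taken while the host was clean.)
    """
    if len(samples) <= baseline_n:
        return []  # not enough history to establish a baseline
    baseline = median(samples[:baseline_n])
    threshold = max(floor, baseline + margin)
    runs, start = [], None
    for i in range(baseline_n, len(samples)):
        if samples[i] >= threshold:
            if start is None:
                start = i
        else:
            if start is not None and i - start >= min_run:
                runs.append((start, i - 1))
            start = None  # short bursts are discarded here
    if start is not None and len(samples) - start >= min_run:
        runs.append((start, len(samples) - 1))  # run still in progress
    return runs

# Constructed data: one CPU% reading per minute for three hypothetical hosts.
SAMPLES = {
    "web-01": [12, 15, 11, 14, 13, 12, 95, 20, 14, 13, 12, 15, 14, 13],    # brief spike
    "web-02": [10, 12, 11, 13, 12, 11, 14, 96, 98, 97, 99, 98, 97, 99],    # sustained load
    "batch-01": [88, 90, 91, 89, 92, 90, 91, 93, 90, 92, 91, 90, 89, 92],  # normally busy
}

def flagged_hosts(data):
    """Map each host with at least one sustained run to its list of runs."""
    flagged = {}
    for host, series in data.items():
        runs = find_sustained_load(series)
        if runs:
            flagged[host] = runs
    return flagged

if __name__ == "__main__":
    for host, runs in flagged_hosts(SAMPLES).items():
        print(f"ALERT {host}: sustained high CPU at sample indexes {runs}")
```

A flagged run is a reason to check which process is consuming the CPU, not proof of mining on its own.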