
New JASK report reveals Linux users are prime victims for Monero cryptojacking

A new report has highlighted how cryptojackers have been targeting Linux devices to install malware to mine for Monero.

The report comes from the JASK ‘Autonomous Security Operations Center’ (ASOC) platform.

The JASK ASOC platform automates the correlation and analysis of threat alerts. In doing so, it searches for high-priority threats, streamlines investigations, and seeks to deliver much faster response times.

Its special operations (SpecOps) team has unearthed a group that is targeting exposed Linux servers for “broad propagation and revenue generation through illicit cryptomining on abused infrastructure.”

The report claims the group known as ‘Outlaw’ is behind the attempts, though no official proof has been provided.

Reportedly, in late November 2018, a secure shell (SSH) brute force campaign succeeded on “multiple internet facing Linux devices within the victim’s demilitarised zones (DMZ) infrastructure.”

After the infection, JASK discovered several payloads being delivered to the victims. The payloads included the cryptomining tools used by the perpetrators.

The analysis conducted by the SpecOps team led JASK to conclude that the host machines fell victim to an “opportunistic” attack “likely sponsored by the Outlaw group.”

JASK believes the Outlaw group could be responsible because of the group's involvement with “several recent shellbot and cryptocurrency mining and SSH brute force campaigns,” and because of the similarity in the type of malware used between the campaigns.

The report states that the perpetrators have created “an easily liquidated revenue stream through the use of XMR-Stak, a highly configurable Monero (XMR) miner,” which is becoming increasingly “common with financially motivated campaigns.”

Passive domain name system (DNS) data for the virtual private server (VPS) analysed by JASK shows it hosting a number of domains that resemble video game servers, such as Minecraft.

JASK believes this indicates the campaign actors have been building their own mining pool infrastructure as opposed to tapping into publicly available ones.

The news that Monero is being mined by cryptojackers shouldn’t come as too much of a surprise. Recently, it was revealed that 4.3% of all Monero had been mined through cryptojacking.

The issue of cryptojacking has become a growing concern in the space. Discover how cryptojacking rose by 44% in 2018 and how to protect yourself against this new wave of cybercrime on Coin Rivet.

 

Jordan Heal

Jordan is an English Literature graduate fresh out of Lancaster University with a keen passion for writing. Whilst not having a wealth of background in the world of cryptocurrency, he’s extremely motivated to learn the ropes and become a part of the movement. In general, he’s a huge fan of narratives, whether it be books, TV, films or games.
