Cryptocurrency Mining Malware Targeting IoT is Now a Big Problem
Cybercriminals are now showing an increasing trend to depend on malicious cryptocurrency mining to make money; thus, there has been a surge of sales on the dark web for cryptojacking malware.
A more interesting phenomenon is that while many hackers target PCs and servers to secretly do cryptocurrency mining, there recently has been a surge in the trend to target IoT (Internet of Things) devices for the same.
IoT devices basically have much lesser power compared to most basic PCs. Still, cybercriminals like to target IoT devices with cryptojacking malware because the IoT devices often lack proper cyber security controls and also because the users would mostly install these devices and then ignore them or forget about them. IoT security is not taken seriously by most users even today. Thus, IoT cryptojacking malware becomes increasingly popular on underground forums.
A recent research report published by security firm Trend Micro discusses this trend in detail. In a blog post based on the report, Fernando Mercês, Senior Threat Researcher at Trend Micro, observes- “The computing power of smartphones and IoT devices is much lower than that of servers or even laptops. However, we definitely see criminals creating cryptocurrency-mining malware to infect these devices.” He discusses, as an example, a malware named DroidMiner, which was advertised in a forum in 2017. He also adds- “It does seem that cryptocurrency malware is gaining traction as a topic in forums in the cybercriminal underground, with some dedicated to exploring whether compromising connected devices (however underpowered) for financial gain is a plausible venture.” However, Fernando Mercês also notes- “Still, it is not as profitable as other criminals may think — at least not yet.”
The profit that criminals make out of attacking IoT devices with cryptojacking malware might be small, at least for now. Still, it is a reason for worry for the users of these devices because irrespective of whether the revenue generated for the hacker is small or big, the truth remains that the device gets infected. Similarly, cryptojacking malware doesn’t cause the kind of damage that Trojans or ransomware cause, but once again, the fact that the device gets infected is a matter of constant worry, for any user. Thus, it becomes important that users give due importance to IoT security.
Sometimes the criminals would even push things a bit too far and cause permanent damage to the IoT devices; there have been instances of cryptojacking attacks leading to phones getting blown up as a result of too much of power consumption.
Preventive measures
Certain preventive measures, if adopted, could help protect devices from cryptojacking attacks. These include:
Regularly updating devices with their latest firmware. Thus you can block criminals from exploiting vulnerabilities to make attacks.
Changing the default credentials in the devices so as to avoid unauthorized access.
Making use of intrusion detection and prevention systems, which help detect and block malicious attacks.
Staying wary of known attack vectors; this would include socially engineered links, files and attachments coming from suspicious websites, suspicious third-party apps etc.
Using effective, trusted security software to block cryptocurrency mining malware.