The cryptocurrency business around the world has seen a boom recently. Cybercriminals target these platforms since these cryptocurrencies are decentralized and no authorities are in charge of monitoring the crypto activities. Additionally, the soaring values of these cryptocurrencies are luring cybercriminals.
All About the attacks-
Many cryptojacking attacks have been performed in the last two months targeting businesses such as Hotbit, Rarible and Docker Hub.
- Exchange vulnerabilities were seen to be exploited by Promotei botnet and installed Monero miner.
- HackBoss, a crypto-currency stealing malware was distributed using telegram. Researchers believe that this malware has successfully stolen over $560,000 from the victims till now.
- US educational organizations faced attacks from cybercriminals who had the intention to compromise their network to be able to mine cryptocurrencies.
Exploited vulnerabilities-
Several vulnerabilities have been actively exploited by several threat actors to be able to mine cryptocurrency and spread miners-
- Nagios XI software was targeted by a threat actor to exploit a remote command injection vulnerability (CVE-2021-25296). This affected the Nagios XI version 5.7.5 in the attack of crypto-jacking.
- Unpatched QNAP NAS devices were targeted in a cryptocurrency malware campaign last month. Two remote command execution flaws (CVE-2020-2506 and CVE-2020-2507) were exploited in this attack.
Conclusion-
With the expected increase in the market of cryptocurrencies, the cyberattacks on them are likely to increase. So the companies should be updated in terms of cyber hygiene, use multifactor authentication for the transactions, and have the latest patches implemented.