Smart Devices Could Create Cryptomining Armies

Cybercriminals could exploit the vulnerabilities of smart TVs, smartphones and IoT devices to create an army of millions to mine cryptocurrencies.

Cybercriminals could exploit the vulnerabilities of smart TVs, smartphones, and other IoT (Internet of Things) devices to create an army of millions to mine cryptocurrency Monero, digital security firm Avast warned at the Mobile World Congress 2018.

To prove its point, Avast plans to conduct an experiment and ask attendees to participate by using their smartphones to mine Monero. The company said it would need more than 15,800 devices to mine $1,000 in Monero coins in the four-day span of the congress.

During the experiment, Avast will use a smart TV and will allow visitors to take part in mining Monero coins in real time via their smartphones. The coins mined will remain with Avast, which will donate them to Spanish organization PantallasAmigas at next year’s Mobile World Congress.

Avast mobile business manager Gagan Singh commented:

“Until recently, cybercriminals were focused on spreading malware to turn PCs into crypto-mining machines, but now we are also seeing an uptick in attacks targeting IoT devices and smartphones. According to current data from Shodan.io, a search engine for internet-connected things, 58,031 smart devices in Barcelona are vulnerable. If each of these devices was recruited to a botnet to mine Monero at Mobile World Congress, cybercriminals could earn the approximate equivalent of $3,600, or €3,000.”

Commenting on the reasons for this shift in focus, Singh said:

“The costs involved in mining are so high that profit from cryptocurrency mining is very low, encouraging cybercriminals to not attack tens of thousands but millions of devices.”

IoT devices include smart TVs, light bulbs, webcams, thermostats, cars, refrigerators, RFID and pacemakers, among countless other. Like smartphones, they have low computation power but if used on a mass scale, they could allow cybercriminals to maximize profits, especially if those devices are mining without the knowledge or consent of their owners.

According to Avast, the first IoT crypto mining botnet was noticed in 2017 and was a new version of the Mirai botnet. The risk of cybercriminals taking control of IoT devices to mine virtual currencies has increased tremendously over the past year.

Cryptomining malware poses increasing threat to organizations

Last week, cybersecurity solutions provider Check Point Software Technologies released the findings of its latest research, showing that crypto mining malware “have steadily become an increasing threat to organizations, as criminals have found it to be a lucrative revenue stream.”

Checkpoint identified Coinhive , Fireball, and Rig ek as the three most active pieces of malware.

Additionally, Malwarebytes accidentally discovered a new strain of malware that redirects millions of unsuspecting Android device users to pages that use the processing power of their gadgets to mine Monero.

An independent study by Chinese security firm Netlab has found that cryptocurrency botnets are spreading rapidly through Android devices. The botnet forces the Android devices to mine crypto coins, the study said.

Source: Read Full Article

Leave a Reply