Kaspersky, are a multinational anti-virus and security service provider.  They have recently published a report that claims that there is an increase in the number of “bad actors” from the miner community stealing the computing power of innocent victims.

Notorious miners make use of the ransomware programs to exploit the computing power of unsuspecting users.  The miners make use of the ransomware programs to harness the CPU power.  By making use of the CPU power, the cybercriminals mint cryptocurrencies.  It gets too late before the innocent user realizes that more than 70 to 80% of their CPU or graphics power has been used up to generate virtual coins.

Illicit mining of cryptocurrencies began when the value of cryptocurrencies were increasing to an all-time high.  The all-time high period was during the late 2017 and early 2018. It was noted that when the price of the cryptocurrencies declined, the rate of the illicit mining activity as well went down considerably. We are yet to witness how the collapse of the Bitcoin price in November might affect the mining activity and further decline.

For those not aware of what botnets are, they are a network of private computers that are hacked and used without the knowledge of the owner.  The usage is mostly related to sending spams.

During the third fiscal quarter of the year 2018, the decline in the numbers of attacks was considerably seen.  The DDoS attacks were very less.  This was probably due to the high competition in the DDoS market that made the whole process less expensive.  However, the botnet computers had to still copy with several organizational issues which were mostly less than legal.

The mining process is executed in a complicated way in that the owner of the infected network did not know how to identify if their computer was infected or not.  Therefore, when the existing server capacity was re-profiled, it was not easy for the owner or to detect it.

Lazarus, which was a cryptocurrency trading application that was trojanized and targeted by Mac Operating Systems was talked of in a report by Kaspersky.  The story then stated that when they were investigating a cryptocurrency exchange that was infected with Lazarus, they bumped upon the unexpected identification of a few facts.  The victim was then infected with a trading application that was trojanized in a way to affect the cryptocurrency transactions.  The details of the infection were reported over to the company.

It was then identified that an unsuspecting employee downloaded an application from a website that was looking legitimate.  And, after that their computer was infected with Malware by the name Fallchill.  This is an old tool that was used by Lazarus, and they have switched back to using it.  Several complaints have been launched about the coming back of the Fallchill, and one of the claims were from US CERT.

Research is ongoing to bring in a counter solution to these attacks, though no reasonable solutions have been achieved so far.