Even though cryptocurrency prices have fallen, cybercriminals could still take advantage of mining software, and not for the reasons you think.
Instead of creating alternative currencies, cryptomining software could be used for a more sinister attack that could steal corporate secrets, according to Troy Kent, a threat researcher at Awake Security. He presented his research at the InfoSecurity North America Conference in New York earlier this month.
“With this attack, people are using a tool, a crypto miner that they’re used to seeing on their network. But they’re not used to responding to it as though it is a legitimate threat, like a botnet or a Trojan,” Kent said in an interview with CNBC. “They can come in and they can steal files, they can steal intellectual property, they can steal credentials and then log in as maybe the CEO. Or they can download more software. They can bring down services.”
Kent said he is unsure whether hackers are already using this technique to attack companies, but wanted to share his research so businesses can be on guard.
“If I can do it, then absolutely an attacker could do it, whether they’re very sophisticated or not sophisticated at all,” he said.
The threat is stealthy and cybersecurity teams may have trouble finding it. “Depending on the type of detection that they’re using, it’s very possible that they [businesses] would miss this attack, or at least deprioritize it, or dismiss it as only a miner,” Kent said
The attack begins like cryptojacking, when hackers take over your computer to mine cryptocurrencies for their profit.
To protect themselves, Kent suggests companies adopt more advanced detection methods based on behavior and analytics.