You are here: Home » International » News » Companies
Business Standard

Your computer may be making Bitcoin​ for hackers

Spike in value of digital currencies gives cybercriminals a new way to earn money that is less disruptive than ransomware

Robert McMillan | WSJ 

A document said that an IRS agent recently found three cases in which people were using Bitcoin to evade taxes	istock

are commandeering the horsepower of unwitting victims’ computers to secretly generate cryptocurrencies, hoping to cash in as the price of has soared to $6,000. New forms of malicious software have mushroomed, appearing on hacked desktop computers, and are sneaking code that generates digital currency on misconfigured cloud-computing servers and even on websites, which have been reprogrammed so visiting browsers become unsuspecting digital-currency generators. such as need a broad network of computers to process transactions. To lure participants, they pay off the computers that join the network with newly minted digital currency. These computers are called miners. A typical personal computer can crank out about one every 4½ years, according to data provided by BitMiner, an online mining group. In recent months, currency-mining software has been found on cloud-based internet servers operated by the British insurer and Times Publishing Co., owner of the Tampa Bay Times, security say. Unwanted mining software is also showing up more frequently on desktop computers, security say. Starting last May, researchers at the threat-intelligence firm Inc. saw offerings of such malware spike on dark web forums, where they typically sell for between $50 and $850. has found 62 different types of currency-mining malware for sale. “Most of this software was offered for sale in the past year,” said Andrei Barysevich, a researcher at “So criminals are definitely taking notice of a spike in cryptocurrency values.” The value of bitcoin, the world’s most popular cryptocurrency, has jumped nearly 10-fold over the past year, from just over $600 in October 2016 to more than $6,000 earlier this month. That has made the mining software that performs the calculations required to process transactions on the network much more valuable. On Thursday, the price of was about $5,900. have long sought new ways of converting the computers they hack into cash. They have stolen online banking credentials, rented out hacked machines to spammers or online attackers, and most recently have infected them with ransomware, malicious software that renders computers unusable until a ransom is paid. While ransomware is still seen as the bigger threat, are also looking for less-disruptive ways to earn money, computer-security say. In dark web discussion forums, fret ransomware is so destructive it will prompt users to improve the security of their machines.

Widely publicized outbreaks, such as this week’s Bad Rabbit ransomware, which shut down systems in countries such as Russia, and the U. S., make more people aware of the phenomenon, security experts said. also worry high-profile ransomware outbreaks such as WannaCry earlier this year may have ruined the “credibility” of the ransomware product, said John Fokker, digital-team coordinator with the Dutch National Police’s high-tech crime unit. WannaCry victims were typically unable to get their files back, even after they paid the ransom. In an alert published Tuesday on the Bad Rabbit ransomware, the Department of Homeland Security’s Computer Emergency Readiness Team said it discouraged victims from paying ransomware because “this does not guarantee that access will be restored.” A spokeswoman with the of Investigation declined to comment for this article. The spike in the value of has given a new avenue, said Mr. Fokker, whose unit was involved in the takedown of the AlphaBay dark web marketplace earlier this year. “A lot of criminals are saying, ‘We’re OK with a lesser payout, so long as we stay safe and as long as the cash flow continues,’ ” Mr. Barysevich said. isn’t the only digital currency driving In recent weeks, software that mines another digital currency, Monero, was spotted on websites belonging to the Tampa Bay Times’ PolitiFact fact-checking website and CBS Corp.’s Showtime Networks, according to Troy Mursch, a computer-security researcher. In both cases, the websites apparently were altered to run a special script that offloaded the mining work to the computers of anyone visiting the website, Mr. Mursch said. were able to install their script on the fact-checking website after discovering a misconfigured cloud-computing server, said PolitiFact Executive Director Aaron Sharockman. The Monero mining scripts earned money for the by running inside browsers while users were visiting these sites, Mr. Mursch said. That slowed down computers temporarily, but didn’t actually install anything malicious on the visitors’ computers, he said. A Showtime spokeswoman declined to comment. Last month [September], discovered Aviva computer consoles that hadn’t been properly secured, according to RedLock Inc., a seller of cloud-security services. That allowed the to run their own bitcoin-mining software on the company’s cloud-computing machines. The Aviva team fixed the issue after being notified by RedLock and it “had no impact,” an Aviva spokesman said. RedLock has uncovered close to 100 similar examples of unsecured cloud resources taken over to mine digital currencies, said Varun Badhwar, the company’s chief executive. Source: The Wall Street Journal

First Published: Sat, October 28 2017. 11:02 IST
RECOMMENDED FOR YOU