Cryptojacking Malware Targets Linux and IoT Users to Mine Monero Cryptocurrency

Updated May 4, 2022 at 7:14 AM UTC This article is more than 4 years old

News

Cryptojacking Malware Targets Linux and IoT Users to Mine Monero Cryptocurrency

Cybersecurity firm JASK Inc. published a study on February 5, 2019, detailing the wave of cryptojacking attacks in November 2018 that mined privacy-centric cryptocurrency Monero (XMR) on target user’s computer system.

Romanian Hacker Group “Outlaw” to Blame

According to research conducted by JASK, an upgraded and modified version of trojan Shellbot has been very active since November 2018.

Per the security firm, the individuals responsible for spreading the malicious trojan are likely from the Romanian hacker group called “Outlaw.” Interestingly enough, the word Outlaw in the Romanian language is spelled as “haiduc,” which happens to be the name of one of the payloads the dangerous malware installs.

The report reads in part:

“The toolkit observed […] in use by the attacker contains three primary components: IRC (Internet Relay Chat) botware for Command and Control (C2), a revenue stream via Monero mining, and a popular scan and brute force tool, haiduc.”

It’s worth highlighting that trojan Outlaw targets Linux and Internet of Things (IoT) users in particular.

Keen followers of the crypto industry would remember a recent report which posited that Rocke group’s Linux mining malware is strong enough to automatically uninstall cloud security solutions from Alibaba Cloud and Tencent Cloud to cryptojack XMR on the victim’s machines.

Will Cryptojacking Continue to Run Rampant in 2019?

Cryptojacking has emerged as a favorite among cybercriminals in recent times.

This point was made clear when a McAfee report published in June 2018 concluded that cryptojacking incidents have risen by a staggering 629 percent in 2018 vis-à-vis 2017.

For the uninitiated, cryptojacking refers to the act of mining cryptocurrencies on the target victim’s computer system without their knowledge. In cryptojacking, hackers trick the victim into running corrupt web scripts which install crypto mining bugs in the latter’s computing system. These snippets of code utilize the power of the oblivious user’s system to generate virtual currencies like bitcoin, monero, zcash, and others.

Hackers prefer to mine privacy-oriented cryptocurrencies as it makes it easier for them to keep their identities anonymous on the internet.

BTCManager reported on August 22, 2018, how hackers have turned to smartphones for cryptojacking.

Similarly, reports emerged on May 14, 2018, stating how India’s largest conglomerate fell victim to monero cryptojacking. The attack, initially detected in Aditya Birla Group’s offshoot branches quickly spread to the company’s manufacturing and other establishments in India within days.