Why Corporate Networks are Key Targets for Cryptojacking

It’s hard to escape hearing about cryptocurrency these days. But this new monetary system is not utilized by a large percent of the population, and is incredibly complex, so many of us are left to simply smile and nod when it’s brought up in conversation. However, the days of being able to ignore cryptocurrency are over. Even if you don’t use it, you’re now at risk of being adversely affected by it through cryptomining malware, also known as cryptojacking. Read on to find out what cryptocurrency is, how cryptojacking is on the rise, and how you can protect your organization.

Cryptocurrency at a Glance

Cryptocurrency is digital currency that is heavily encrypted in order to ensure secure, verifiable transactions. The strong cryptography, encoding based on highly complex mathematical algorithms, also provides a strict control on creating additional units of currency, preventing counterfeiting. Examples of cryptocurrency include Bitcoin and Monero, but these are far from the only options. There are currently over 4,000 variants of cryptocurrency, and more are likely on the way.

Cryptocurrency is an alternative currency that is not regulated by governments, and instead relies on decentralized controls for authentication. Essentially, this means that transactions are maintained through a communal effort, referred to as a distributed ledger. While there are multiple types of distributed ledger, the most common is a blockchain, which is what Bitcoin uses.

A distributed ledger is essentially an encrypted database that is shared, replicated, and synchronized on multiple users’ computers. Each copy of the database is in contact with every other copy to ensure consensus when a new batch of transactions are added to the ledger. Having a record of every single transaction in the history of the currency ensures that people cannot double spend their digital money. However, before a record is added to the ledger, it must be authenticated. This is where cryptomining comes in.

The Purpose of Cryptomining

Every time a new transaction occurs, a cryptominer validates that transaction. Since digital currency is so heavily encrypted, the verification of these records takes up a lot of time and computing power. Because of this, cryptominers are paid for their trouble through the creation of a token of digital currency – typically only a few dollars per transaction.

Transactions can take hours to be validated on a regular personal computer, so it is difficult for an individual with a single computer to earn much money. Additionally, an element of competition is introduced to increase the efficiency of verification.  More than one miner can work on a transaction – but only the fastest miner earns the digital coins. The only way to validate transactions faster is with more processing power.

The Rise of Cryptojacking

You can probably see where this is headed. This earning incentive and need for processing power has led to a new type of digital attack, called cryptojacking.

This cryptomining malware infects a computer system like a parasite, sucking the processing power to use it to mine for cryptocurrency. This allows cryptominers to mine more transactions faster, turning a way to make a couple extra bucks into a major payout. Unfortunately, it leaves the victims with painfully slow systems, or ones that end up crashing altogether.

Why Are Organizations At Risk?

When it comes to cryptojacking, the more power, the better. Consequently, organizations with multiple computers and servers make perfect targets. For example, the malware dubbed PowerGhost targets corporate networks specifically. Cryptojacking is steadily growing more sophisticated. Now, it can also spread through websites, targeting organizations in a different way. Just last week, a coin-mining script was injected into the Make-A-Wish Foundation website, which allowed it to use the computing power of any visitor to the site.

Cryptomining Malware Focusing on Linux

Cryptomining malware is also beginning to focus on Linux, a popular operating system for organizations’ powerful servers. A new piece of malware, identified as Coinminer.Linux.KORKERDS.AB, was detected earlier this month. It targets Linux systems, granting itself root privileges to get full access, and is able to update and upgrade itself even after deployment. Additionally, a hacking group called Outlaw was discovered to be using a bot to search the internet for vulnerable Linux systems to attack.

Protect Your Server

Cryptojacking isn’t going anywhere. In fact, it is only gaining in popularity, gearing up to be the most common type of threat in 2019. Organizations need to have solid antivirus protection as their first line of defense. However, you can’t focus just on workstations. Server side protection is critical, as they are a primary objective for miners looking for large power sources.

Powertech Antivirus provides server-level malware protection for organizations running Linux, AIX, and IBM-i. Since new threats are emerging every day, Powertech Antivirus predictive analysis has particular importance, as it detects new pieces of malware before they become widespread, so you're never caught off guard.