Cutting-Edge “PowerGhost” CryptoJacking Software Eyes The Corporate World
Crypto mining, or cryptojacking as it is better known by community insiders, has become a growing problem in this industry, with crypto-malware making its presence felt following 2017’s bull run. According to ZDNet, researchers have recently uncovered a new form of cryptojacking software that is targeting corporate networks.
But first, a smidge of background information about cryptojacking/crypto mining.
What Is Crypto Mining?
For those who are unaware, cryptojacking is a specific type of cybercrime that sees malicious hackers take control of a victim’s piece of technology, forcing the device to mine cryptocurrencies for the hacker’s personal gain.
Cryptojacking malware, although generating only a few cents per affected device, can easily sweep across thousands, if not millions, of computers, netting the hackers a nice reward. The medium of attack is usually an infected website, file, or media source that installs a malicious script onto the victim’s internet-connected device.
“PowerGhost” Malware Attacks Computers Worldwide
Researchers from Kaspersky Lab, a Russian cybersecurity firm, recently uncovered a piece of cryptojacking software that was quickly dubbed “PowerGhost.” PowerGhost is fileless malware that aims to secretly embed itself on a system and then propagate itself across a network of other PCs.
Kaspersky detected this software on a variety of corporate networks across the world, with affected firms in Brazil, Colombia, Turkey, and India getting hit the hardest. However, corporations were not only attacked in these four countries, with detections of PowerGhost also appearing in European and North American companies.
What makes a fileless variety of malware so damaging is that it can be extremely hard for anti-malware programs to detect, because it disguises itself in a system’s native processes and files. Once established in the background of a computer’s processes, it will begin to mine a PC-mineable cryptocurrency like Ethereum, ZCash or Monero.
Infections of PowerGhost usually start with the use of computer exploits or “remote administration tools,” which allow hackers to hide the malware without placing it directly on the hard drive of the device.
Detection rates from Kaspersky products indicate that the malicious actors behind PowerGhost are targeting corporate networks, aiming to make higher returns in a shorter amount of time. Malware on a single corporate computer can quickly be replicated across a system of computers through a firm’s internal network.
Speaking on the PowerGhost software, David Emm, a principal security researcher at Kaspersky, wrote:
“PowerGhost raises new concerns about crypto-mining software. The miner we examined indicates that targeting consumers is not enough for cybercriminals anymore – threat actors are now turning their attention to enterprises too. Crypto-currency mining is set to become a huge threat to the business community.”
Malwarebytes: CryptoJacking Cases Are “Plateauing”
As reported by Ethereum World News last week, Malwarebytes, one of Kaspersky’s primary competitors, recently released a report highlighting cybercrime in Q2 of 2018. According to the Malwarebytes report, cryptojacking is still a hot topic within cybersecurity circles, but detections of this method of cybercrime are starting to trend downwards.
While detection rates of cryptojacking are on the way down, researchers at ZDNet made it clear that corporate-centric crypto mining cases may become a large problem going forward, as non-detectable malware can pose a large problem for firms.