Businesses and individuals are just waking up to a very common type of IT threat tied to cryptocurrencies and related to the hijacking of vulnerable networks.
It’s called cryptojacking – and it’s coming soon to a theater near you.
Cryptojacking affects thousands of devices and networks. Now, this week, the security community is getting breaking news that some hackers are even embedding cryptojacking malware in some fairly innocuous vehicles.
Reports from Cryptoground show the discovery by Palo Alto Networks that cryptocurrency miners are pushing fake flash updates to users in order to get cryptojacking malware in place.
“Cryptocurrency mining malware is being pushed into the computers of unsuspecting users in the form of fake flash updates,” wrote Vivek Sancheti, describing how a new attack can make use of bandwidth for unscrupulous coin miners. “These fake updates make use of pop-up notifications from the official adobe installer, convincing the users that this might be a genuine update. The update would first install the miner and then update the flash player to the latest version, so that users don’t suspect anything unusual.”
It’s easy to see how this would work for many users – people are used to seeing Flash updates pop up, and they trust Adobe, so they click “yes” and let the Trojan in.
Cryptojacking is, of course, a much more widespread problem than just this one form of fraud: of the $650 million that Business Insider estimates as “stolen” in just the first quarter of this year, a significant amount consisted of cryptocurrencies mined unwittingly by third-party computers and devices. It takes a lot of processing power to mine Bitcoin – so if you can do it with someone else’s equipment, you’re making handy profits – although your running afoul of business ethics and, potentially, the law.
The question for many investors is whether cryptojacking is going to lead governments and regulators to crack down on all cryptocurrency platforms.
“As cryptocurrency proliferation continues, digital thieves see opportunity,” writes Tyler Elliot Betillyon at Medium. “It’s easy to understand why, the cryptocurrency space is ‘pre-regulation,’ and it’s an industry where nascent technology is used by people who don’t fully understand it, to hold and transfer entirely digital assets.”
The article goes on to show how complex and deceptive practices carry cryptojacking to every corner of the globe.
As crypto investors look into the crystal ball to see how this might affect cryptocurrency markets, regulators are weighing in – in the middle of September, two agencies, the Financial Industry Regulatory Authority or FINRA and the Securities and Exchange Commission or SEC fired a shot across the bow at some cryptocurrency holding parties on the grounds of false advertisement.
Cointelegraph reports that another happening in September involved a New York judge ruling that securities laws can be applicable to cryptocurrency fraud allegations.
Could this be the beginning of a regulatory process to reign in various forms of cryptocurrency mining? And which way will this push stocks? With Bitcoin itself hovering around the $6,500 mark for weeks, many investors see the market as currently stable – but anything could change between now and whenever regulators start to get aggressive about taking on cryptojacking.