That the NSA could be spying on you is probably something you are aware of, and most probably have even made peace with. However, what happens when the same tools used by the government fall into the wrong hands? They are used to mine cryptos. According to a new report released today, September 19, a group of hackers has been exploiting a software flaw exposed by leaked government documents to hack into computers and mine cryptos.
The report revealed that cryptojacking incidents have spiked by over 450 percent in 2018, attributing the increase to an NSA tool that was leaked in late 2017 and that North Korean and Russian hackers have used in the past to infiltrate strategic targets. Now, the tool is being used to mine cryptos, and the hackers show no sign of slowing down with their lucrative venture.
In The Wrong Hands
Cases of cryptojacking have become quite common in the past two years, with even some of the most trusted websites being found to have used their visitors’ computers to mine cryptos without their knowledge or consent. And now, it’s the very tools that were designed to protect the citizens that are being used against them.
According to the research conducted by the Cyber Threat Alliance, hackers are using the tools to mine cryptos illegally, with Monero being the overwhelming favorite. The privacy-focused crypto leads the reported cryptojacking cases at 85 percent, with Bitcoin being second at a mere 8 percent.
The tool being used is known as Eternal Blue, the research by the alliance reveals. Eternal Blue was leaked in 2017 and exploits vulnerabilities in outdated Microsoft software. The tool reportedly revealed to hackers a previously unknown vulnerability and they have not been shy about exploiting it, Bloomberg reports.
Cases of illegal crypto mining have gone up a worrying 459 percent this year, the report by the Cyber Threat Alliance states. The alliance, which was formed in 2014 by the leading firms in the cybersecurity space, fosters collaboration between these firms to fight against cyber threats. Some of the principal members include Fortinet, Symantec, Cisco, Palo Alto Networks and McAfee.
As expected, a majority of these cryptojacking cases are reported in the U.S., but some other countries have isolated cases. Most of the victims never realize that their computers are hacked, with the mining software working in the background. According to a report released by California-based cybersecurity firm Symantec in March, cryptojackers are only becoming more aggressive and are even hacking smartphones and using them to mine cryptos.
Compared to traditional tools used by cybercriminals such as ransomware, cryptojacking is much easier and more profitable. While victims could protect themselves from ransomware with anti-virus software, they become vulnerable to cryptojacking malware when they visit the wrong sites and apps.
As the new hacking tools exploit vulnerabilities in outdated Microsoft software, users can protect themselves by applying a software update that was released in March 2017, Jeff Jones, a senior director, told Bloomberg.
Eternal Blue was stolen from the NSA last year in what has been labeled as the worst security breach in the agency’s history, worse than the Edward Snowden leak. To date, the agency has yet to find out whether the tools were lost through a hack or if there’s a leak in the agency.
According to the New York Times, three employees have already been fired, with the agency subjecting most of its employees to polygraphs. The stolen tools have been used by North Korean and Russian hackers to infiltrate strategic targets including Mondelez International, the maker of Oreo cookies; FedEx’s European operations; and other targets in the U.S., Britain and Indonesia.