ETHERLive
ETHERLive delivers real-time price and volume data across 16+ exchanges to users in a clear and easy-to-understand package. Users can get up-to-the-second updates for each exchange/currency pair, as well as aggregated market averages for each exchange, currency, and the market as a whole. It also provides a global converted average of all the currency pairs monitored by ETHNews, converted to USD.

---

24hr ---
--%
Wednesday Oct 17th 2018
RESOURCES

The Basics

Learn the basics of Ethereum and various cryptocurrency technologies

Learn More

What is Ethereum?

Understand the underlying principles of the Ethereum Platform

Learn More

The Blockchain

Discover the revolutionizing technology known as the blockchain

Learn More
SUBMIT

Press Release

Submit a press release for consideration on ETHNews

Submit Press

Story / Dapp

Submit a story or DAPP to be considered for publication on ETHNews.

Submit Story

Explanation

Submit "Ethereum Explainer" content for consideration to be featured on ETHNews

Submit Topic
ETHNews Logo
---
--%
Home
News
Etherlive
Ether Price Analysis
Resources
Contact Us

Cybersecurity Group Links Illicit Mining To NSA-Developed Exploit

By

Tim

Prentiss

WriterETHNews.com

The Cyber Threat Alliance reports that an increase in cryptojacking stems from the 2017 leak of the NSA creation EternalBlue.

Instances of cryptojacking, the practice of stealing the processing power of computers for the purpose of mining cryptocurrency, have skyrocketed over the past year, increasing 459 percent according to a recent report issued by the Cyber Threat Alliance, a nonprofit membership organization chartered by the likes of Symantec and Cisco. And the cryptojackers are using a tool that won't seem to go away.

According to the report, cryptojackers are facilitating their attacks using EternalBlue, a vulnerability exploit conceived by the National Security Agency (NSA). The agency intended to keep the knowledge of the vulnerability to itself after discovering it, but in April 2017 the hacker group The Shadow Brokers obtained and publicly released the information. The exploit was quickly used in several high-profile cyberattacks, including the WannaCry ransomware.

Microsoft blamed the NSA in a public statement, saying, "This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem … We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world." Microsoft created a patch to eliminate the EternalBlue vulnerability, but according to the Cyber Threat Alliance, more than a year later many businesses still haven't installed the patch on their machines.

Though they are still using an old technique to breach the security of computer systems, cryptojackers do have some new tricks and are becoming more sophisticated. For one, they are now attacking machines other than just computers. "Attackers are increasingly targeting internet-of-things (IoT) devices, despite their lower processing power," the report claims. "The targeting of routers and media devices, such as smart TVs, cable boxes, and DVRs, are on the rise."

And when attacking computers, cryptojackers have new ways of evading detection. Some configure their software to the keep the CPU usage below a noticeable level. "[M]ore sophisticated attackers configured their mining software to only use 20 percent of the machine's CPU. Other examples stop mining when mouse movement is discovered."

The report also raised the possibility that cryptojacking could become a front on which nation-states begin attacking each other, especially over the long term, as more countries issue national cryptocurrencies. Cryptojacking could be used "as a form of economic warfare to destabilize economies," says the report. "Illicit cryptocurrency mining by malicious actors could be used to drive up inflation or initiate 51 percent attacks, limiting the ability of a central government bank to control their economies."

The good news, though, is that for now the Cyber Threat Alliance believes "network defenders have the ability to disrupt the activities of illicit miners by raising their costs and forcing them to change their behavior."

Getting that EternalBlue patch might be a good place to start.

Tim Prentiss

Tim Prentiss has a master’s degree in journalism from the University of Nevada, Reno. He lives in Reno with his daughter. In his spare time he writes songs and disassembles perfectly good electronic devices.

ETHNews is committed to its Editorial Policy

Like what you read? Follow us on Twitter @ETHNews_ to receive the latest NSA, EternalBlue or other Ethereum technology news.