, 2022-05-16 16:25:03,
A rise in the popularity of cryptocurrency-based crime, doubled with a lack of regulation, has paved the way for cybercriminals to extort vast amounts of money from legitimate organizations.
These payouts have produced a sophistication around nonstate-sponsored threat actors, as they now have the funds to expand their operations and capabilities.
Security researchers estimated that the infamous Conti ransomware gang’s revenue has surpassed $2 billion — most of which involved cryptocurrencies. Its success has seen the group grow, so much that it essentially has an HR department to serve and train employees. It even pays employees and associates in digital currencies.
Defending an organization from attacks is an endless game of cat and mouse, as threat actors only need to be right once, but defenders must always be right. When it comes to cryptocurrencies, however, the game is more nuanced than it sounds. To understand the situation, let’s look at how cryptocurrencies enable both attackers and defenders.
Keep an eye out for cryptominers
In a world where compromise is inevitable, organizations should be grateful when the objective of an attack is cryptomining. In cryptomining, hackers use their victims’ computer power and electricity to fill cryptowallets, which pales in comparison to destructive objectives, such as ransomware.
It’s tricky to ascertain a hacker’s motivations, but a miner’s two primary intentions are the following:
- Mining is the secondary objective that enables an immediate monetization, while attackers advance to their primary objective, such as ransomware or data exfiltration.
- Mining is the primary objective, which could be a way for an ethical hacker to get money in the absence of a bug bounty, for example, an act of Robin Hood…
To read the original article, go to Click here