One form of ransomware quickly making a name for itself is cryptojacking. With this type of attack, bad actors work to take over any system with processing power for the purpose of harnessing it to mine for cryptocurrency.
Crypto mining, or coin mining, is a popular activity in which the person doing the mining solves a complex coding problem. In turn, the person receives a financial reward. The process of mining comes with loads of system overhead and is very expensive to conduct.
Cryptojackers take over systems to eliminate these costs and to work around having to build or maintain resources themselves. These attackers use an assortment of proven hacking or ransomware-as-a-service (RaaS) toolkits to obtain access to systems. In doing so, attackers gain access to a large volume of data processing power—power specifically for mining.
Often, these activities are spread out to avoid arousing suspicion. While a compromised party may notice small slowdowns within their system, cryptojackers work to avoid using too many resources from any one system. This keeps their victims in the dark longer, helping malicious parties increase revenue streams.
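Because the load is kept low on each host, an alert that waits for CPU to spike will not fire; what changes instead is that the host stops returning to its usual idle level. The following added example (not from the original article) compares the two checks on constructed samples. The host names, the 90% spike threshold and the 15-point floor rise are assumptions chosen for illustration.

```python
from statistics import quantiles

SPIKE_THRESHOLD = 90.0  # assumed "CPU is pegged" alert level, in percent
FLOOR_RISE = 15.0       # assumed: alert when the idle floor rises this many points


def idle_floor(samples):
    """10th percentile of CPU %: how idle the host gets when it is quiet."""
    return quantiles(samples, n=10, method="inclusive")[0]


def spike_alert(samples):
    """Naive check: fires only when a sample reaches the spike threshold."""
    return max(samples) >= SPIKE_THRESHOLD


def floor_alert(baseline, current):
    """Fires when the host no longer drops back to its baseline idle level."""
    return idle_floor(current) - idle_floor(baseline) >= FLOOR_RISE


def triage(fleet):
    """Return the hosts whose idle floor has risen, sorted by name."""
    return sorted(h for h, (base, cur) in fleet.items() if floor_alert(base, cur))


# Constructed samples (CPU % per 5-minute interval), not real telemetry.
BASELINE = [3, 4, 2, 5, 40, 55, 6, 3, 4, 60, 5, 3]
FLEET = {
    # Normal day: same shape as the baseline.
    "web-01": (BASELINE, [4, 3, 5, 2, 45, 50, 4, 6, 3, 58, 4, 5]),
    # Throttled miner: never spikes, but never goes idle either.
    "web-02": (BASELINE, [28, 30, 27, 29, 62, 70, 31, 28, 30, 75, 29, 27]),
    # Legitimate bursty job: spikes, then returns to idle.
    "build-01": (BASELINE, [3, 2, 95, 97, 4, 3, 5, 2, 96, 4, 3, 2]),
}

if __name__ == "__main__":
    for host, (base, cur) in FLEET.items():
        print(f"{host}: spike={spike_alert(cur)} floor_rise={floor_alert(base, cur)}")
    print("investigate:", triage(FLEET))
```

A raised idle floor is a reason to look at which process is holding the CPU, not proof of mining; a per-host baseline keeps busy servers from being flagged by a fleet-wide number.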
While this type of attack may seem better suited for small companies or individuals, it’s moving more into the enterprise space all the time. Some of the most nefarious cryptojacking efforts have targeted well-known names, including:
Although the attacks differed in various ways, the key point to remember is that most of them could have been prevented by adhering to security best practices and by understanding how the ransomware tools are evolving.
Perhaps the most concerning aspect of ransomware is the ability of RaaS developers to create destructive code that’s adaptable to new attack vectors. These developers are investing more time in making ransomware code that can be used across multiple platforms.
One such tool is SysJoker, which can target Apple, Linux, and Windows-based operating systems. Linux-based code is being developed to run on Windows-based devices by using the Windows Subsystem for Linux (WSL) to stage and execute the code.
Although these types of attacks are uncommon, the success of this tool plus the airtight support model used by RaaS providers likely mean more are on the way.
Prevention remains the strongest ally in the fight against ransomware. As attacks expand into areas previously thought untouchable by malicious code, administrators and security professionals need to perform the proper due diligence to harden their systems.