What you need to know
- Linux-based and IoT devices are the latest victims of cryptojacking.
- Hackers are compromising these systems to access your device resources and generate cryptocurrency secretly.
- Attackers used custom and open tools to breach these systems.
Microsoft recently discovered a new campaign being leveraged by attackers to breach and access Linux-based and IoT devices. The attackers are using a technique called cryptojacking to lure unsuspecting users to their traps, as seen over at TechRadar.
Cryptojacking is a technique where hackers are able to make use of your resources without your knowledge and use them to generate cryptocurrency. And with the eminent growth of cryptocurrency across the world, attackers are now more invested in this technique than ever.
As highlighted by Microsoft analysts, Linux-based and IoT systems are the latest targets for this deceitful ploy. Per their investigation, the hackers used custom and open-source tools to deploy attacks to these systems.
According to the report, attackers were able to gain access by "brute forcing credentials" into these systems. After this, the point shell history feature in Linux devices was disabled automatically. The OpenSSH archive was then compromised, ultimately allowing the malware to attack the system.
Additionally, this technique also shuts out other cryptomining tools already deployed in your system by restricting access to your device resources. It also blocks out hosts and IPS with any links to the cryptomining scam.
Per the analysis findings, the campaign has been traced back to ‘cardingforum’ user asterzeu, who is believed to be behind the hit. The investigation further indicates that the Hiveon OS is the attacker's main target.
For those not conversant with the platform, it's basically an operating system that helps users keep their crypto farms at their peak and allows them to monitor stats in one convenient location. Linux users often use it for cryptomining.
As such, it's important to ensure that your systems are well-updated and that elaborate security measures are in place to shield you from such attacks.
And while none of the systems listed above are linked to Microsoft, the company sees the campaign as a potential threat. It could make its way to Windows devices if not remedied in good time, giving hackers a chance to develop ingenious ways to expand their reach.
