September 19, 2018 9:35 PM
The Cyber Threat Alliance reports that an increase in cryptojacking stems from the 2017 leak of the NSA creation EternalBlue.
Instances of cryptojacking, the practice of stealing the processing power of computers for the purpose of mining cryptocurrency, have skyrocketed over the past year, increasing 459 percent according to a recent report issued by the Cyber Threat Alliance, a nonprofit membership organization chartered by the likes of Symantec and Cisco. And the cryptojackers are using a tool that won't seem to go away.
According to the report, cryptojackers are facilitating their attacks using EternalBlue, a vulnerability exploit conceived by the National Security Agency (NSA). The agency intended to keep the knowledge of the vulnerability to itself after discovering it, but in April 2017 the hacker group The Shadow Brokers obtained and publicly released the information. The exploit was quickly used in several high-profile cyberattacks, including the WannaCry ransomware.
Microsoft blamed the NSA in a public statement, saying, "This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem … We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world." Microsoft created a patch to eliminate the EternalBlue vulnerability, but according to the Cyber Threat Alliance, more than a year later many businesses still haven't installed the patch on their machines.
Though they are still using an old technique to breach the security of computer systems, cryptojackers do have some new tricks and are becoming more sophisticated. For one, they are now attacking machines other than just computers. "Attackers are increasingly targeting internet-of-things (IoT) devices, despite their lower processing power," the report claims. "The targeting of routers and