Coindesk Logo

Desktop Crypto Mining Malware Is Disappearing but Cloud Computing Exploits Are Growing

Desktop Crypto Mining Malware Is Disappearing but Cloud Computing Exploits Are Growing

Desktop Crypto Mining Malware Is Disappearing but Cloud Computing Exploits Are Growing

A new report suggests that cloud containers are the next target for mining malware.

A new report suggests that cloud containers are the next target for mining malware.

A new report suggests that cloud containers are the next target for mining malware.

AccessTimeIconJul 24, 2019, 3:30 PM
Updated Aug 18, 2021, 12:51 PM

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

A new report from Skybox Security suggests that desktop crypto mining malware popularity has fallen considerably this year but that cloud computing attacks - essentially attacks that create hundreds of infected computing containers online - has risen drastically in 2019.

"Use of malicious cryptominers — cybercriminals’ overwhelming tool of choice in 2018 — has declined to just 15 percent of malware attacks, with ransomware, botnets and backdoors rising to fill the void,” wrote the organization. “Vulnerabilities in cloud containers have increased by 46 percent compared to the same period in 2018 and by 240 percent compared to 2017.”

Crypto mining malware like “Nansh0u campaign” has infected tens of thousands of computers, forcing desktop computers to mine bitcoin and other cryptocurrencies via distributed control systems. This software focused on attacking healthcare, media, and IT companies and Guardicore Labs said that some software infected "700 new victims a day.”

The popular new attack vector, however, is cloud containers. These remote services powered by providers like Amazon and Google are often unattended and can be used to process the massive amounts of data needed to mine cryptocurrencies. What’s worse, hackers can replicate these containers instantly, creating a virtual army of zombie machines.

“Cloud technology and adoption has obviously skyrocketed, so it’s no surprise that vulnerabilities within cloud technology will increase,” said Marina Kidron of Skybox. “What is concerning, though, is that as these are published, the race is on for attackers to develop an exploit because launching a successful attack on a container could have much broader consequences. Compared to other technology, containers can be more numerous and quickly replicated. The attack footprint could expand rapidly, and number of victims may be extremely high.”

Unfortunately, vulnerabilities are growing. Skybox reported that companies will be “drowning in the vulnerability flood for some time.”

“More than 7,000 new vulnerabilities were discovered in the first half of 2019 — that’s still significantly more than figures we’d see for an entire year pre-2017,” the company wrote. Further, because these attacks cost compute cycles they can run up huge bills for victims, further adding financial injury to the attacks.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.