Bitcoin, monero and other popular cryptocurrencies are being mined by fraudsters who use EternalBlue, the US National Security Agency (NSA) hacking tool that was leaked last year, according to a recent report.
The report, published by the Cyber Threat Alliance (CTA), says detected cases of illicit cryptocurrency mining have skyrocketed to 459 percent in 2018 compared to last year. The surge is linked to the leak of EternalBlue, a tool to exploit vulnerabilities in outdated Microsoft Windows-based systems, the report says.
EternalBlue was leaked by the Shadow Brokers hacking group in April 2017. The leaked NSA exploit was then used in the notorious WannaCry and NotPetya ransomware attacks. Microsoft accused the US government of “stockpiling” cyber weapons for facilitating attacks.
“A patch for EternalBlue has been available for 18 months and even after being exploited in two significant global cyberattacks – WannaCry and NotPetya – there are still countless organizations that are being victimized by this exploit, as it’s being used by mining malware,” said a blog post by Neil Jenkins, chief analytic officer for the CTA.
The researchers said 85 percent of illicit cryptocurrency malware mines monero, with bitcoin corresponding for eight percent.
“Although monero is significantly less valuable than bitcoin, several factors make this the cryptocurrency of choice for malicious actors,” the report said.
Hackers prefer monero as it offers more privacy and anonymity, “which help malicious actors hide both their mining activities and their transactions using the currency,” the researchers said.
“Transaction addresses and values are obfuscated by default, making tracking monero incredibly difficult for investigators.”
For more stories on economy & finance visit RT’s business section