This PaymentSource article indicates that cryptomining viruses skip right through traditional virus detectors. The idea that criminals are simply stealing CPU cycles to mine cryptocurrencies appears quaint compared to attacks that steal payment credentials and leak personally identifiable information:
“Cryptomining attacks can be surprisingly hard to detect with slower performance and increased latency potentially going unnoticed for extended periods of time, and even when variations are noted, they can be mistakenly attributed to other causes.
Undetected for extended periods of time, the attacker can lay cryptomining scripts for future malware or ransomware attacks. This can create quite a bit of work for an organization to find all these infections, eradicate them and prevent the attacker from returning.
All too often, the first indicator of compromise is from a sharp spike in CPU usage versus a detection of the actual attack.
Regrettably, antivirus solutions, firewalls, secure web gateways and URL filtering cannot reliably detect cryptominer code and have proved ineffective at preventing it from auto-executing within endpoint browsers. Attackers are also now increasingly targeting IoT devices, which may not have the same level of security controls available or applied.”
These viruses can get expensive when a cloud instance is hijacked. For example, this article from Dome9 indicates that one cloud GPU instance, the p3.16xlarge, costs $24.48 per hour, which can add up if the virus isn’t detected quickly. This same article provides some common-sense prevention techniques, all of which are identical to those used to protect implementations from account takeover attacks.
Given the malicious environment we live in today, I’d count my blessings if the only problem I had after an account takeover was a slow system, a large bill, and a richer criminal. As miserable as this would make my life, it’s sure better than losing millions of payment credentials and personally identifiable information – so stay vigilant!
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group