Microsoft uncovers cryptojacking ploy used to breach Linux devices


What you need to know

  • Linux-based and IoT devices are the latest victims of cryptojacking.
  • Hackers are compromising these systems to access your device resources and generate cryptocurrency secretly.
  • Attackers used custom and open-source tools to breach these systems.

Microsoft recently discovered a new campaign being leveraged by attackers to breach and access Linux-based and IoT devices. The attackers are using a technique called cryptojacking to lure unsuspecting users to their traps, as seen over at TechRadar.

Cryptojacking is a technique in which hackers use your device's resources without your knowledge to generate cryptocurrency. And with the growth of cryptocurrency across the world, attackers are now more invested in this technique than ever.

As highlighted by Microsoft analysts, Linux-based and IoT systems are the latest targets for this deceitful ploy. Per their investigation, the hackers used custom and open-source tools to deploy attacks to these systems.

According to the report, attackers were able to gain access by "brute forcing credentials" into these systems. After this, the shell history feature on the Linux devices was disabled automatically. The OpenSSH archive was then compromised, ultimately allowing the malware to attack the system.

This technique also shuts out other cryptomining tools already deployed on your system by restricting their access to your device resources. It also blocks hosts and IPs with any links to the cryptomining scam.

Per the analysis findings, the campaign has been traced back to ‘cardingforum’ user asterzeu, who is believed to be behind the hit. The investigation further indicates that the Hiveon OS is the attacker's main target. 

For those not conversant with the platform, it's basically an operating system that helps users keep their crypto farms at their peak and allows them to monitor stats in one convenient location. Linux users often use it for cryptomining. 

As such, it's important to ensure that your systems are well-updated and that elaborate security measures are in place to shield you from such attacks.

And while none of the systems listed above are linked to Microsoft, the company sees the campaign as a potential threat. It could make its way to Windows devices if not remedied in good time, giving hackers a chance to develop ingenious ways to expand their reach.

Kevin Okemwa
