Hackers are illegally generating Monero, Bitcoin and other cryptocurrencies by exploiting a software flaw that was leaked from the U.S. government, according to new research, raising questions about the security of one of the fastest-growing corners of financial markets.
Detected cases of illicit cryptocurrency mining, the digital equivalent of minting money, have surged 459 percent in 2018 compared to last year, Cyber Threat Alliance said in a report released Wednesday.
The spike is tied to the 2017 leak of Eternal Blue, a tool to exploit vulnerabilities in outdated Microsoft Systems software. When the tool became known, it tipped hackers to a previously unknown flaw in the software, now the basis of some hackers’ efforts to commandeer computing power of others to generate digital currency.
As of July this year, 85 percent of all illicit cryptocurrency mining has targeted Monero, according to the report. Bitcoin made up about 8 percent, while other cryptocurrencies accounted for 7 percent.
Hackers can "sit back and watch the money roll in," said
Bitcoin and other cryptocurrencies are generated through a process of solving complex mathematical equations, which requires significant computing power. Most users and investors lack the means to create, or mine, cryptocurrency and simply buy it from an online exchange. When hackers illicitly generate currency using others’ computers, it creates free money for them and could erode the overall value of the currency by increasing its supply.
Eternal Blue was allegedly stolen from the National Security Agency and leaked last year in an unsolved breach by a hacking group that calls itself the
The code gained notoriety when Russia and North Korea used it in massive attacks. In the first instance, known as
“A security update was released in March 2017. Customers who applied the update are protected,” Jeff Jones, a senior director at
The NSA declined a request for comment.
"The threat of illicit cryptocurrency mining represents an increasingly common cybersecurity risk for enterprises and individuals," according to the report. And the “rapid growth shows no signs of slowing down.”