Cybercriminals looking to purchase malware are frequent flyers on dark web forums. Often, nefarious actors are in search of the attack that will deliver the greatest gains, which is why it might come as a surprise to learn that many criminals are rolling the dice on crypto-jacking connected devices.
Growing in popularity are cryptocurrency-mining malware activities that target the internet of things (IoT), according to Trend Micro. Crypto-malware is a quick way to make money by mining for cryptocurrency on a victim's computer. Traditionally, PCs have been the target of crypto-jacking because the criminals are able to leverage the central processing unit (CPU) of the targeted computer to mine for crypto-coins.
The very idea of mining for cryptocurrency on a connected device seems almost fruitless given that the devices themselves use far less power. "The computing power of smartphones and IoT devices is much lower than that of servers or even laptops," said Trend Micro. Still, the cryptocurrency-mining malware is out there in the wild and gaining popularity.
Yet the cybercriminals themselves aren't in agreement on whether such malware can really garner a profit. In one dark web forum, a malicious actor "offered a Monero miner for routers, available for different architectures. But he was immediately attacked by another member with [a] higher reputation, saying that it wasn’t worth anything, probably in consideration of the processing power of these devices," Trend Micro wrote.
Despite the opinion that there's little profit to be earned, many criminals seem willing to test the malware for whatever financial gain it yields. What's concerning about devices being mined is that there is potential for an attacker to actually destroy the device.
"While cryptocurrency mining is supposed to be secretive, there's always the possibility the attackers will push it too far and permanently damage the device – as demonstrated by some cryptojacking attacks which have blown up phones due to the amount of power consumption," ZDNet reported.
To protect devices against the threat of attackers mining their limited power for meager profit, Trend Micro recommends that connected devices be regularly updated with the latest firmware. The default credentials should also be changed to avoid unauthorized access. Additionally, it's a good idea to employ intrusion detection and prevention systems.