Botnets come in many forms and are most often put to nefarious uses such as DDoS attacks. The general acceptance of cryptocurrency investing has started to change that. Are these new botnets the next generation?
While cryptocurrency has been around for a number of years, for the majority of its existence it was highly stigmatized as a means of payment for illicit activities. In its infancy, miners collected vast amounts of coins of little value and traded them away for little return; the now famous Laszlo Hanyecz paid 10,000 bitcoins for two pizzas in May of 2010. While some individuals undoubtedly foresaw the currency as a means of addressing issues with common fiat money, the general consensus was that mining or holding this currency was a way to potentially draw attention to yourself from government agencies. Despite the currency being built on a measure of autonomy, the thought persists to this day.
General knowledge of cryptocurrencies only began to emerge a few years ago, when news broke that the largest cryptocurrency at that time, Bitcoin, had hit a value of $30,000 per coin. The interest waned slightly as it crashed soon after. This has now become a routine aspect of cryptocurrency markets, which combine high volatility with potentially high reward. In smaller cryptocurrencies, pump-and-dump scams are rampant and evidenced daily. Cryptocurrencies are currently an unregulated market in the United States, though SEC and IRS interest continues to grow. As of June 27th, 2021, the combined value of cryptocurrencies is in excess of $1.3 trillion, having hit as high as $2.5 trillion in recent months. Certainly the coronavirus pandemic played its part, as many workers stayed at home and looked for new avenues of employment or means to occupy their time, driving the market to all-time highs. The market has cooled slightly as pandemic restrictions have been reduced and many individuals return to general work. Despite this, the value of cryptocurrencies cannot be overstated, and they will likely become more valuable over time. Just ask Laszlo Hanyecz, whose 10,000 bitcoins would have netted him a cool $613 million in value as of March 14th, 2021.
This rampant rise in cryptocurrencies, and the subsequent drive by world populations to get a piece of the pie, as it were, has created a shortage of GPUs, which are used for crypto mining, and aspiring hackers have opted to use code and botnets to gain money for themselves. The virus called Crackonosh is not specifically a botnet, as the infected machines do not operate in tandem, but it can effectively be considered a distributed network of computers that are lending their resources to the code's author. This virus, apparently operating stealthily since 2018, infects systems through free software downloads that contain the malicious code.
(Let this be a lesson once again: nothing is free.)
Once downloaded, this virus works to remove detection systems such as antivirus software and Windows Defender, including replacing specific files so that the system still appears to be secure. By replacing these and other critical files through abuse of safe mode operations and file renaming, the virus is able to establish a hold on the system and dedicate its resources to mining the cryptocurrency Monero. While this vulnerability was discovered at least six months ago by security researcher Roberto Franceschetti, Microsoft did not believe it to be a serious enough issue to address. This virus has been seen in at least 30 different iterations thus far. While this is not the first malicious code of its kind, it certainly will not be the last. With these programs becoming more aware of defensive measures and avoiding or removing them, cybersecurity researchers and defenders will continue to have a difficult time preventing these intrusions when faced with the human element.
References:
Coin Market Cap. “Global Cryptocurrency Market Cap.” Retrieved 27 June 2021. Global Cryptocurrency Market Charts | CoinMarketCap
Lakshmanan, R. “Crackonosh Virus Mined $2 Million of Monero from 222,000 Hacked Computers.” 25 June 2021. The Hacker News. Crackonosh virus mined $2 million of Monero from 222,000 hacked computers (thehackernews.com)
Tayeb, Z. “Bitcoin’s surge beyond $60,000 means the famed programmer Laszlo Hanyecz effectively paid $613 million for 2 pizzas.” 14 March 2021. Business Insider. Bitcoin Surge Means Laszlo Hanyecz Paid $613 Million for Two Pizzas (businessinsider.com)