Saturday November 17, 2018
Home Lead Story Hackers ditch...

Hackers ditch ransomware attacks, move to cryptojacking: Symantec

Mobile users also face privacy risks from grayware apps that are not completely malicious but can be troublesome

0
//
cloudhopper
Russia, North Korea and Iran are the most active in hacking financial institutions, while China is the most active in cyber espionage. Wikimedia Commons
Republish
Reprint
  • Hackers are no more using ransomware attacks
  • They are now cryptojacking
  • India is the second largest Asian country which witness this

When it comes to increased cryptojacking activities, India is second in the Asia-Pacific and Japan (APJ) region and ninth globally as hackers create a highly-profitable, new revenue stream with crypto-mining, cyber security giant Symantec said on Wednesday.

According to Symantec’s “Internet Security Threat Report”, detection of coinminers on endpoint computers increased by a whopping 8,500 per cent in 2017.

cryptocurrency dealer Pluto Exchange on Thursday announced the launch of mobile application for transacting in VC. Wikimedia Commons
Coinmining is taking place in high number. Wikimedia Commons

“Cryptojacking is a rising threat to cyber and personal security,” Tarun Kaura, Director, Enterprise Security Product Management, APJ at Symantec, said in a statement. “The massive profit incentive puts people, devices and organizations at risk of unauthorised coinminers siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers,” Kaura added.

Cryptojacking is defined as the secret use of a computing device to mine cryptocurrency. With a low barrier of entry cybercriminals are harnessing stolen processing power and cloud CPU usage from consumers and enterprises to mine cryptocurrency. Coinminers can slow devices, overheat batteries and in some cases, render devices unusable. For enterprise organisations, coinminers can put corporate networks at risk of shutdown and inflate cloud CPU usage, adding to the cost.

Also Read: From paper to plastic to Bitcoins: Changing money with time

“Now you could be fighting for resources on your phone, computer or Internet of Things (IoT) device as attackers use them for profit. People need to expand their defenses or they will pay for the price for someone else using their device,” Kaura added.

Symantec found 600 per cent increase in overall IoT attacks in 2017. India today ranks among the top five countries as a source for IoT attacks. The firm also identified a 200 per cent increase in attackers injecting malware implants into the software supply chain in 2017.

Hacking puts a lot of things at risk. VOA

Threats in the mobile space continue to grow year-over-year, including the number of new mobile malware variants which increased by 54 per cent. Mobile users also face privacy risks from grayware apps that are not completely malicious but can be troublesome. Symantec found that 63 per cent of grayware apps leak the device’s phone number.

In 2017, the average ransom cost lowered to $522. “Several cyber criminals may have shifted their focus to coin mining as an alternative to cashing in while cryptocurrency values are high,” the report noted. IANS

Click here for reuse options!
Copyright 2018 NewsGram

Next Story

Facebook Requests People To Re-Login Into Their Accounts To Secure From Hackers

Facebook said it does not know who is behind this massive security attack.

0
Fake News, Facebook, dating
This photo shows the logo for Facebook on screens at the Nasdaq MarketSite, in New York's Times Square. VOA

After Facebook admitted that hackers broke into nearly 50 million users’ accounts by stealing their “access tokens” or digital keys, cyber experts on Saturday warned over 2.3 billion users to log out and log back into Facebook, or any of third-party apps that use Facebook login.

Facebook has reset the access tokens of almost 50 million accounts it knew were affected. It has also taken the precautionary step of resetting access tokens for another 40 million accounts that have been subject to “View As” look-up in the last year.

“For now, logging out and back in is all that is necessary. The truly concerned should use this as a reminder and an opportunity to review all of their security and privacy settings on Facebook and all other social media platforms,” Chester Wisniewski, Principal Research Scientist with global cyber security major Sophos, told IANS.

Facebook
This Feb. 19, 2014, photo shows the social media giant’s app icon on a smartphone in New York. VOA

According to Dr Gary McGraw, Vice President of Security Technology, Synopsys (Software Integrity Group), this breach emphasises just how important software security is, and how subtle solid security engineering can be.

“When a feature like ‘View As’ can be turned on its head into an exploit, it indicates a design problem that led to unanticipated security vulnerability,” noted Dr McGraw.

“Design flaws like this lurk in the mind boggling complexity of today’s commercial systems, and must be systematically uncovered and corrected when software is being designed and built,” he added.

Facebook
CEO Mark Zuckerberg delivers the keynote address at a Facebook developers conference in San Jose, California. VOA

If you’ve ever wondered what keeps you logged into your account even after you restart your laptop/browser – those are access tokens (cookies).

They maintain a constant session even when your IP changes.

“In this case, hackers were able to steal these tokens, which basically means the hacker could fool Facebook servers to believe they are the authorised users of the target’s account that would give the attacker, complete access of the target’s account,” said Saket Modi, CEO and Co-Founder of Lucideus, an IT risk assessment and digital security services provider.

According to experts, they don’t know for how long the vulnerability existed, who the hackers were and the extent of damage that might have been caused in terms of stealing not only one’s profile data but, in this case, potentially the personal messages, pictures and chats, among others.

Facebook
Silhouettes of mobile users are seen next to a screen projection of Facebook logo in this picture illustration. VOA

“As a precaution, all Facebook users must log out and re-login into all the gadgets that they have their Facebook session active like your cell phone (app or browser), laptop and desktop, etc,” Modi advised.

Facebook said it does not know who is behind this massive security attack.

Also Read: Facebook Suffers From Data Breach Putting 50 Mn People at Risk

“We’re working hard to better understand these details and “we will update this post when we have more information, or if the facts change,” said the company.

In the Cambridge Analytica scandal, data of nearly 87 million people was breached upon. (IANS)