A recent cybersecurity report has said that the privacy protocol Monero was used in most cryptojacking attacks this year. Monero remains one of the most-used among illicit groups due to its strong security-features, one that even the US Security and Exchange Commission is breaking into.
Monero appears on top
The report by Aqua Security titled “Attacks in the Wild on Container Infrastructure,” claims that to have analyzed over 16,371 attacks on software vessels and cloud-native organization over June 2019 and July 2020.
Cloud servers, which power the majority of the world’s enterprising computing software in an online location, remained a significant target for cryptojacking, or illicit mining of cryptocurrencies using a victim’s calculating power-knowledge. The attacks are said to siphon hundreds of millions of dollars each year.
According to the report, cryptojacking attacks in the second half of 2019 and early months of 2020 were surged by over 250%. Cryptojacking accounted for an astounding 95% of the 16,371 cyber-attacks that were registered during the period.
The firm noted that the hackers mainly used Monero-based mining tools in cryptojacking attacks. For the inexperienced, Monero is a privacy-first cryptocurrency that obscures the user addresses and transactional trails; this makes it extremely difficult to trace correctly.
Aqua Security stated that XMRig, a well-known Monero mining app, was also used in some events to deploy the attacks. The firm elaborated:
According to Aqua Security, organized cybercrime groups’ involvement had led to both an increased occurrence of such attacks and their complexity. This, in turn, has caused the proceeds earned by cryptojacking to increase each year, the firm noted.
The hacker groups have been recently orchestrating supply-chain attacks, from scanning the internet for cloud servers exposed online without a password, exploiting vulnerabilities in unpatched systems, and carrying out forceful attacks, the firm added.
Meanwhile, it added that the malware stored inside malicious software directories on victim computers perform malicious actions only after being installed, making it impossible to detect static analysis or signature-based security systems.
Another cybersecurity firm, Symantec, had confirmed the reports. Earlier this year, the firm said that cryptojacking attacks had risen by over 163% in the second quarter of 2020 alone and were expected to increase.