menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Info. Security News News

>

Disrupting...
source image

Securityaffairs

2w

read

198

img
dot

Image Credit: Securityaffairs

Disrupting the operations of cryptocurrency mining botnets

  • Cybersecurity researchers devised two attack techniques to disrupt the operations of cryptocurrency mining botnets.
  • Akamai Researchers uncovered two novel techniques to disrupt cryptocurrency mining botnets by exploiting flaws in common mining topologies.
  • Current methods to stop cryptocurrency mining botnets are pool bans or infrastructure takedowns, however, both are slow and complex.
  • Researchers developed two techniques exploiting vulnerabilities in the stratum protocol to disrupt operations by targeting proxies or wallets, potentially forcing attackers to abandon campaigns.
  • XMRogue tool was developed to disrupt cryptomining botnets using mining proxies by submitting consecutive bad shares and potentially banning the mining proxy from the pool.
  • Crafted invalid shares through Stratum to malicious proxies trigger pool-level bans, halting the attacker’s operation.
  • In tests conducted by Akamai, one campaign's annual revenue was reduced from $50K to $12K, a 76% drop, by banning proxies.
  • Akamai's second method targets miners connected directly to public pools without proxies by flooding the pool with over 1,000 login attempts using the attacker's wallet.
  • The disruption can significantly hinder the attack, as the wallet gets temporarily banned for an hour.
  • Researchers demonstrated the technique targeting Monero miners, which can be adapted to other cryptocurrencies.
  • Defenders can disrupt malicious cryptominer campaigns by exploiting mining pool policies without affecting legitimate miners.
  • Attacks targeting wallet addresses added an additional layer of disruption for cryptominers, making it challenging for attackers to monetize effectively.
  • Implementing these attack techniques with XMRogue tool helps in disrupting attacker's operations effectively.
  • The report concludes that the threat of cryptominers will continue to grow, but defenders now have tools to fight back and make it challenging for attackers to monetize effectively.

Read Full Article

like

11 Likes

share

2 Shares

For uninterrupted reading, download the app