Security News > 2021 > February > Windows, Linux Devices Hijacked In Two-Year Cryptojacking Campaign

Windows, Linux Devices Hijacked In Two-Year Cryptojacking Campaign
2021-02-17 21:39

Cryptocurrency-mining malware, called WatchDog, has been running under the radar for more than two years - in what researchers call one of the largest and longest-lasting Monero cryptojacking attacks to date.

Thus far, attackers have hijacked at least 476 Windows and Linux devices, in order to abuse their system resources for mining Monero cryptocurrency.

The attackers behind this campaign are sticking to cryptojacking - but researchers warn that it is "Highly likely" they could find identity and access management data on previously-compromised cloud systems, due to the root and administrative access that's acquired during the malware implantation.

Go, an open-source programming language, has previously been utilized by various cybercriminals for various cryptojacking attacks, including TeamTNT and the developers of ElectroRAT. WatchDog's Go binaries each perform a specific functionality - including one that emulates the Linux watchdog daemon functionality by ensuring that the mining process does not overload or stop unexpectedly.

That's because the malware relied on a third-party to host its malicious payload - whereas WatchDog does not, allowing it to have remained active for more than two years, said researchers.

"Over the last six months, Unit 42 researchers have seen a 40 percent increase in network traffic to public mining pools, which indicates that more mining operations are taking place. The trend of more XMR mining operations appears to be following the increasing market value price of XMR.".


News URL

https://threatpost.com/windows-linux-devices-hijacked-in-two-year-cryptojacking-campaign/164048/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2532 1569 67 4232