Experts: How Hackers Use Botnets to Mine Money


Two security experts demonstrated how hackers can exploit cloud services to build money-mining botnets.

Cloud computing is becoming the paradigm most abused by cybercrime. Cloud architectures are privileged targets for cyber criminals who want to steal the data they contain or abuse their resources to conduct cyber attacks, it was reported.

Two researchers, Rob Ragan and Oscar Salazar, have recently demonstrated how it is possible to use a cloud infrastructure to legally mine cryptocurrency. The researchers have developed a free LiteCoin-mining botnet that has generated $US1750 a week using free cloud sign-up promotions. An automated tool was used to recruit machines for the mining botnet across some 150 popular free services that each generated about 25 cents a day. The researchers will present the exploit at the next BlackHat conference.

The researchers are convinced that cybercrime will soon exploit similar techniques to turn cloud hosting services into a “free supercomputer”.

iHLS – Israel Homeland Security

The attack scheme designed by the researchers relies on application-hosting services that lack security in their sign-up procedures. This made it possible to create 1,000 non-existent users on 150 websites that offer cloud application services. The experts haven’t revealed the names of the cloud hosting service providers they successfully exploited, to keep cybercriminals from immediately emulating them.

The two created the botnet starting from a self-made list of fake email addresses. The fake customers didn’t raise any suspicions at the companies providing the services. As explained by the researchers, many of the targeted companies use cloud services resold from Amazon, and for this reason it could be very difficult to prevent this kind of attack.

“Imagine a distributed denial-of-service attack where the incoming IP addresses are all from Google and Amazon, that becomes a challenge. You can’t blacklist that whole IP range,” Ragan said. It is clear that the technique adopted by the researchers “violates” the majority of terms of service. Once the experiment was complete, the researchers dismantled their botnet.