The week in security: Cybercriminals eyeing new opportunities from cryptocurrency miners

Cryptocurrency mining has become an increasingly favoured pastime of malware authors, who are looking past their malware fun with the 2018 PyeongChang Winter Olympics and are recognising new revenue opportunities – and opportunities to exploit a new area with exploits such as the compromise of an accessibility tool that served up a cryptocurrency miner to thousands of Web sites.

An IBM analysis traced the movement of the well-established Trickbot banking Trojan’s move to cryptocurrency exchanges, reflecting a trend that is likely to grow over time.

Old favourites were still in vogue, however, with Valentine’s Day offering the usual surge in malware that exploits poor patching habits and user education to create major issues for enterprises.

This month’s launch of Australia’s New Payments Platform (NPP) offered another new security vector, with concerns that the immediate clearance of funds would provide an exploitable systemic flaw by which fraudsters can take the money and run.

Microsoft added features to check for Meltdown and Spectre status within its Windows Analytics tools, even as Intel offered a $US250,000 ($A312,000) reward for bugs worse than Meltdown and Spectre.

Authorities warned end-user customers not to get too alarmed about the recently-discovered ‘Prime’ Meltdown and Spectre exploits, even as Intel revealed that it has already been hit with 32 separate lawsuits about the bugs.

Meanwhile, Microsoft was testing a blockchain-based self-sovereign ID system, while UK authorities were arguing that fingerprint scanners can help the preservation of citizens’ fundamental human rights.

Tags cyber crimecyber criminalscyrpto currency

Show Comments