IBM X-Force threat intelligence service has identified a remarkable increase in computers infected with CPU mining malware during 2017.
One report theorizes that cyber attackers turn to this flavor of mining malware because, even though CPU mining is not worthwhile on an individual level, hackers often control botnets containing thousands of infected computers. Since they do not have to foot the cost of electricity, what little profit each individual computer makes quickly adds up. The X-Force team found that a standard Intel i5-6500 4 core processor running an Ubuntu server could net about $2.35 per month. Hackers most commonly used the botnets to mine anonymous CryptoNote currencies such as Monero and Bytecoin.
The attacks were often deployed using steganography, the practice of hiding data within image files. After hiding the malware inside a fake image file, the hackers placed them on compromised web servers.
According to the report, the manufacturing and financial services sectors tied at 29% for the highest volume of CPU mining attacks. They stated that many of the attacks exploited inexcusable lapses in security, such as failing to validate input fields on web applications.
Notably, the researchers found that Internet of Things (IoT) devices are not attractive to hackers, despite the fact that they are often vulnerable to exploits. Due to their low computing power, even a 1 million-device botnet would likely not produce enough profit to justify the effort to create and maintain it.