1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Free cloud dev accounts are being abused for crypto mining

    From TechnologyDaily@1337:1/100 to All on Wed Oct 26 15:15:04 2022
    Free cloud dev accounts are being abused for crypto mining

    Date:
    Wed, 26 Oct 2022 14:03:35 +0000

    Description:
    Hundreds of accounts abused in freejacking attacks, costing service providers thousands.

    FULL STORY ======================================================================

    Criminals have been abusing free cloud accounts on CI/CD providers to mine cryptocurrencies, but the threat campaign holds more than meets the eye, experts have warned.

    Cybersecurity researchers from Sysdig uncovered more than 30 GitHub accounts, 2,000 Heroku accounts, and 900 Buddy accounts abused in an activity known as freejacking (hijacking free accounts). The researchers dubbed the campaign Purpleurchin, and describe it as an attempt to run cryptominers in as many environments as possible, as hands off as possible.

    By using free accounts, the cost of mining cryptocurrencies (which is always relatively high) is shifted to the service provider (in this instance,
    GitHub, Heroku, and Buddy). Huge damages

    After analyzing the campaign, Sysdigs researchers estimated that every free GitHub account created by Purpleurchin cost the platform $15 a month. All things considered, it would cost the platform some $100,000 for the threat actor to mine one Monero token (one token is currently worth approximately $150).

    But the attackers are not mining Monero just yet. Theyre actually trying to mine a bunch of obscure coins, including Tidecoin, Onyx, Surgarchain, Sprint, Yenten, Arionum, MintMe, and Bitweb. Apparently, the entire campaign is
    hardly profitable. Read more

    Microsoft warns cryptojacking is still a major threat, despite crypto
    winter


    Linux systems are being bombarded with ransomware and cryptojacking
    attacks


    Check out the best endpoint protection services around

    This has prompted the researchers to believe that all of this is either still an experiment or an attempt to take over the underlying blockchains.

    If its an experiment, the threat actors are just testing it out to see if the method works, before moving on to more prominent tokens (such as bitcoin or monero). As for attacking the blockchain - proof-of-work networks (on which coins can be mined, as opposed to proof-of-stake coins that are all
    pre-mined) can be taken over by an entity if it can hold 51%+ of the hash power (mining power). That would give that entity the ability to roll the blockchain back, engage in double-spending, and similar. It would also run
    the tokens price into the ground, though.

    The addresses to which the miners should send the mined tokens are hidden, making it impossible to determine the success of the campaign, or identify
    the attackers. Here's our rundown of the best firewalls right now

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/free-cloud-dev-accounts-are-being-abused-for-cr ypto-mining/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)