Cryptocurrency Mining Takes its Toll on AWS Servers

Cryptocurrency Mining Takes its Toll on AWS Servers

Bitcoin has skyrocketed over the last several years and has become the most coveted currency of today. Not belonging to any state or country, able to be used all over the world equally and immediately, and able to provide complete anonymity when doing business — these are some of its biggest draws. But like any other payment system, using Bitcoin carries with it a few processing fees. Specifically, it uses a great deal of energy used for mining, and requires high-powered hardware. This reality places companies, and their infrastructures, in the crosshairs of cybercriminals looking to make a profit with mining software, without the overhead costs of running servers themselves.

 A few days ago, hackers attacked thousands of computers around the world through an attack of ransomware, posing as the Amazon team. Now, they’ve turned their attention to the power of the cloud.  Companies that hire Amazon Web Services (AWS) and do not adequately protect their servers are especially at risk.

Amazon and the Cryptocurrency Business

Despite the many security services that companies can hire for their systems, studies reveal that 97% of the 1,000 largest companies in the world are affected by data breaches and ransomware. Today, thanks to the rise of cryptocurrency, there is a more profitable activity offered by hijacked corporate servers: mining Bitcoins.

The value of this virtual currency has already reached record highs, attracting more and more cybercriminals interested in making easy money. In recent months, threat reports analyzed by PandaLabs show a marked increase in malware installed via the Remote Desktop Protocol (RDP). We witness thousands of ransomware infection attempts every day, as well as attempts to hijack servers for bitcoin mining. These attempts have one thing in common: the access route being the RDP after obtaining credentials through a brute force attack. It’s the same story all over again, just with different characters. We’ve seen it with ransomware and RDP attacks, and now we’re seeing it with bitcoin mining in the business world.

When we think of cryptocurrency, we usually associate it with bitcoin, but there are plenty of others. Hundreds, in fact. Cybercriminals install miners for a whole array of coins, as we saw in a case we wrote about which involved mining software for Monero and took place before the WannaCry attacks.

This time, according to a report by RedLock Cloud Security Intelligence (CSI), Amazon Web Services servers were compromised by cybercriminals who were able to access the system. However, in an unusual development, hackers did not seek to steal data or block the servers, but rather sought to access the system’s power for bitcoin mining. According to the information disclosed by RedLock, Amazon was not the only company attacked, as Aviva and Gemalto, two multinationals, were also mentioned in the report as victims.

What to Do to Protect Your Server

This latest hack shows the importance of creating robust corporate passwords. They don’t even need to be hard to remember. And of course, do not pass up advanced cybersecurity solutions that monitor the organization’s systems in real time, detecting and stopping any suspicious behavior that could be harmful.