Amazon’s Cloud Services Hijack Computers Using Crypto-Mining Malware

Genius hackers are hijacking people’s computers to illegally mine crypto assets. There is one malware program that has been recently discovered hiding itself on Amazon’s cloud to exploit the processing power of a large number of ordinary computers.

These exploits increased highly last year according to the survey done by IBM Managed Security Services

As part of ongoing efforts to oversee the explosion of cryptocurrency mining malware since last year and beyond, many researchers have started focusing on a new threat that is gathered up on Amazon’s AWS cloud services, aiming at infecting computers and use their processing power to mine cryptocurrency.

Krishna Narayanaswamy, founder and chief scientist of Netskope, noted that very many computers using Windows Operating Systems have been seriously infected by the Xbooster malware to collect $100,000 worth of Monero. These skilled hackers are attacking computers to mine Monero that is more complicated to track than bitcoin because it’s in the sweet-spot of the amount of processing power required and the monetary advantage from the act.

“There are always newer ways of compromising machines. It’s amazing how many machines these threat actors manage to infect,” Krishna said.

Netskope indicated that the Xbooster malware is hosted in the cloud on Amazon Web Services (AWS) which helps a command-and-control server to install two programs on compromised machines. These programs include a manager that connects to the server and Monero miner.

Krishna noted that most people usually install this malware on their machines after clicking in a link “drive-by download” and this normally takes place via a compromised website that shows up in search results, an email campaign or the malware may be clustered together with other types of programs such as shareware and freeware.

AWS spokesman said that a lot of mitigation techniques are being applied that includes both automated and manual in order to tackle and control the misuse of the services. AWS has automatic systems in place that makes it easy to detect and block a lot of attacks before going out of their infrastructure. AWS has clear terms of usage that enables it to quickly take action and shut down the machine in case of any misuse.

Computers compete when the solving of complex mathematical calculations to confirm transactions within the network such that they can generate digital tokens during the crypto mining process which requires vast processing power or CPU usage hence forcing hackers to pirate a huge number of machines to be efficient.

In the struggle to avoid detection, the command-and-control module dwelling on AWS makes the infected computer’s CPU usage low enough and its owner can’t easily notice it. Endpoint security can help so much together with this type of security for regular consumers. It is an ongoing issue and AWS customers will be properly educated about adopting security solutions.

Bitcoin has proved to be too difficult for hackers to mine since it now requires massive warehouses that have to be stocked with specialized computers in order for the operation to be successful.

Netskope noted that the hackers’ names and locations are not yet identified but the threat is ongoing and difficult to detect since the amount of money generated by the malware for its owners is somewhat minimal.