Cryptocurrencies are hot. According to https://coinmarketcap.com, there are now over 1300 cryptocurrencies with new initial coin offerings (ICOs) accelerating all the time. Even Kodak is getting into the act with KODAKcoin. And currently, the price trajectory of Bitcoin is higher than a North Korean rocket, with Blockchain saving the world one application at a time.

Cybercrime, which quickly adopted cryptocurrency as the payment method in the ransomware plague, is now turning its eye to other uses for cryptocurrency technology. We are seeing stolen account and credit card shops use the peer-to-peer DNS technology in Blockchain as a technique for bulletproofing their offerings. Jokers Stash (see Figure A), which has been linked to the Sonic Drive-In breach, is using .bazaar top-level domains as an alternative to traditional DNS and Tor-based naming systems.
Figure C: Coinhive.com has replaced poolminexmr.com as the most popular mining domain.

Cryptojacking payloads look set to become a mainstream attack in 2018. We may even see this method of monetization, which doesn’t require the victim to actually do anything, take over from current ransomware options that require victims to actively make the ransom payment.

About the Author: Andy Norton is a Director of Threat Intelligence at Lastline, Inc. You can find him on LinkedIn here.

See how you can greatly reduce the time needed to accurately detect and protect against advanced and persistent threats, from the network edge to endpoint systems, with Tripwire Enterprise and Lastline, here.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.