Your Device Is My Miner: How Hackers Steal Your Cryptocurrency
Since bitcoin hit its record high value of $20,000 in 2017, more and more individuals have participated in the cryptocurrency economy. Subsequently, cryptocurrency security has played an increasingly critical role in making the virtual economy safe.
How to mine a bitcoin? How to prevent hackers from stealing your cryptocurrency? To answer these questions, NewSky Security’s CTO & Co-founder, Song Li, recently conducted a workshop at Cloud Security Alliance Seattle Chapter.
Distributed Database
Song began the talk with an explanation of basic cryptocurrency concepts. From Song’s point of view, every cryptocurrency is a form of a distributed database, which tracks data with hashing. What is the purpose of hashing? It is used to add new transaction blocks to a chain that records all previous transactions. Song believes that blockchain technology is a way of looking at time flows. One analogy he referred to is history, which combines a number of choices that people made. Blockchain would be used to record events that most people (over 50%) believed happened, in order to track history.
As a reward to the miner who contributes her computing power for hashing, she has a chance to earn a certain amount of cryptocurrency. Bitcoin is one of the most popular cryptocurrencies with new Bitcoins distributed every 10 minutes. Read Satoshi Nakamoto’s original Bitcoin white paper to learn more about Bitcoin.
Miners
Bitcoin mining is the process of earning new Bitcoins by computing hashes that verify transactions and add them to a blockchain. In this competitive computing game, the more hashes you can compute, the more likely you are to earn the Bitcoin reward. “Mining is nothing but calculating hashes with computing power, and it can be easily paralleled”, Song says, “Anything that can operate parallel computing, regardless of their physical form, will be able to mine cryptocurrency.”
Bitmain AntMinerWhen Bitcoin was first introduced, personal computers have enough computing power to mine Bitcoin. The boom in cryptocurrency mining has led to the development of dedicated mining hardware: miners.
Mining Facilities
If your town has a lot of spare space and cheap electricity, you might expect to see thousands of miners soon. These professional mining facilities consume substantial amounts of power, and bring in new high-tech job opportunities to rural areas. Eastern Washington, with the cheapest power in North America, is becoming a dream destination for miners.
Mining Pools
A mining pool is a combined “pool” of mining resources that mine for cryptocurrency altogether. After successfully earning one Bitcoin, the mining pool will split the reward to all miners in the pool, equally.
As of 2015, the facility depicted in this video mined 20 to 25 Bitcoins daily. At today’s Bitcoin exchange rate ($9000/BTC), this mine would generate $6 million per month. Similar to other IoT devices, the miner itself is not expensive, but the data generated by the machine is incredibly profitable. This is why mining facility managers prefer to swap broken miners for new hardware, instead of investing in repairs and maintenance.
At NewSky Security, we share the same philosophy as mining managers: data is more valuable and more vulnerable than hardware. Therefore, we focus on securing every bit of data created and exchanged on IoT devices.
Crypto Hacking
As an ethical (white hat) hacker, Song studies all possible ways to get cryptocurrency, besides legitimate mining. Our cryptocurrency honeypots have already captured multiple crypto hacking tricks, primarily targeting miners, mining operating systems and crypto wallets.
Recent IoT device attacks often include mining malware. Hackers use malware to steal computing power from IoT devices, like cameras, printers and routers, and to mine cryptocurrency unbeknownst to the device owners. Unlike conventional hackers, whose goal is usually to disrupt businesses, crypto hackers run mining malware on connected devices and will make sure IoT systems are up and running normally, in order to mine cryptocurrency continuously.
Sometimes, hackers can remotely control a miner and steal cryptocurrency. Last year, AntMiner users found a vulnerability called “Antbleed,” which would have been able to shut down 70% of AntMiners remotely.
Shodan, an IoT search engine, shows over 3000 AntMiners that are searchable online. This means hackers could potentially gain access to these devices and run malicious scripts to steal cryptocurrency. We suspect that some of these exposed miners are security companies’ crypto honeypots.
Conclusion
Crypto mining is highly competitive and profitable. Hackers are consistently looking for new ways to steal computing power from IoT devices, and to steal cryptocurrency from miners, mining pools and wallets. Safe and secure cryptocurrency mining and storage are also evolving topics. NewSky Security has deployed honeypots worldwide to gather crypto threat intelligence. We always stay close to the front lines of hacking. Consequently, we apply everything we learn from hackers to develop a proactive defense system that secures every connected device.
Melissa Xu Marketing Manager, NewSky Security (NewSky Security)
- Security