Cyber attackers are cashing in on cryptocurrency mining - but here's why they're avoiding bitcoin

Cryptocurrency mining malware has emerged as a key method of criminal hackers making money - so why aren't they targeting the most valuable blockchain-based currency of them all?

A quick glance at some of the key trends in cyber security during the first months of 2018 and its clear that cryptocurrency mining has become a new target for cyber criminals.

While ransomware remains a popular method for some criminals to generate income, the cyptocurrency craze has caught the imagination of cyber attackers, with regular reports of cryptocurrency mining malware regularly surfacing.

Everything from smartphones, to PCs and servers have been infiltrated by hackers, who exploit their processing power to secretly mine cryptocurrency; some schemes have been known to generate millions.

Attackers use mining to generate a range of blockchain-based currencies. However, despite bitcoin's high profile presence as the most common form of cryptocurrency - and one which remains popular for underground activities - criminals aren't attempting to maliciously excavate it.

"Bitcoin is the arguably the most popular crypto currency that exists, but still we have not seen a single attack trying to infect servers with Bitcoin mining malware," says a newly released report by researchers at Imperva.

Bitcoin remains the most high value cryptocurrency - at the time of writing, one bitcoin is equivalent to around $11500 - so you might think it would be the best vehicle for attackers making easy money off mining. So why aren't they attempting to do so?

One reason is because bitcoin mining requires specialised hardware featuring an custom-built application-specific integrated circuit (ASIC). As a result, it's not possible for attackers to turn a system which doesn't feature this specialised circuit into a machine for mining bitcoin.

"Without ASICs, it is almost pointless for an ordinary computer to mine for Bitcoin," Maya Horowitz, threat intelligence group manager at Check Point told ZDNet.

Therefore, the problem for attackers is they don't know what makes up the hardware of computers they manage to infect with bitcoin mining malware.

"When it comes to hacking web servers hackers cannot presume what kind of hardware is installed on the vulnerable servers," Nadav Avital, security researcher at Imperva told ZDNet.

Ultimately, bitcoin requires a specialised set up and high amounts of computing power in order to be successfully mined - and the majority of home and office computers don't provide this.

See also: Executive's guide to implementing blockchain technology

"Bitcoin's mining difficulty has continued to increase requiring significantly higher amounts of computing power than provided by average computers," Kimberly Goody, senior threat intelligence analyst at FireEye told ZDNet.

With all the effort it'd take to mine illicitly mine bitcoin, it's no wonder cyber attackers don't want to do it, especially when alternative cryptocurrencies such as Monero can easily be mined with any computer - or even smartphone.

"Monero mining does not depend on specialized ASICs, but can be done with any CPU or GPU," said Horowitz.

While Monero mining farms don't tend to be as large as those mining Bitcoin, as long as the activity isn't uncovered, they can be relied upon for a steady stream of income - and most users aren't going to ask questions about why their fan is running louder than usual.

For criminals, Monero in particular comes with a big advantage over bitcoin - it's completely anonymous, meaning its users can't be traced; bitcoin does offer some level of privacy, but it isn't total - cybercriminal actors have been traced thanks to analysis of the bitcoin wallet.

"Other cryptocurrencies, such as Monero, have far surpassed Bitcoin in terms of privacy and anonymity of transactions, which is an important consideration for cyber criminals exploiting devices for cryptocurrency mining operations," said Goody.

Bitcoin might be the most high profile cryptocurrency but it's just too hard for attackers to mine and could severely compromise their operational security - so there's no demand for illicitly mining it.

READ MORE ON CYBERCRIME