IoT security: Is cryptocurrency-mining malware your next big headache?

IoT devices lack the power of PCs, but some dark web users are still keen to see if compromising connected devices for financial gain is plausible.
Written by Danny Palmer, Senior Writer

With malicious cryptocurrency mining an increasingly popular means for cybercriminals to make money, there has been a surge cryptojacking malware up for sale on the dark web.

But while many crooks will target servers and PCs to secretly mine for cryptocurrencies, an increasing number of cryptojackers are looking towards Internet of Things (IoT) devices as their means of making money.

While IoT devices have far less power than even the most basic PC, they come with the benefit - for the attackers at least - that they often lack proper cyber security controls and that users frequently install the device and more or less forget about it.

As a result, IoT cryptojacking malware is becoming more popular on underground forums, with research by security company Trend Micro detailing examples of it being advertised on the dark web, with one specifically advertised to infect routers - a device in the home or workplace of anyone with an internet connection.

While IoT mining is picking up popularity, at least one user on one of these forums isn't convinced it is an efficient means of turning a profit. "It's not worth anything. Nobody will make any profit from mining on routers," one said.

See also: Cryptocurrency-mining malware: Why it is such a menace and where it's going next

However, Fernando Mercês, senior threat researcher at Trend Micro notes that "cryptocurrency malware is gaining traction as a topic in forums in the cybercriminal underground" and that some are "dedicated to exploring whether compromising connected devices - however underpowered - for financial gain is a plausible venture".

While profit from infected IoT devices might be small - for now at least - it still represents a worry for users because ultimately the device is infected with malware. While cryptojacking arguably isn't as damaging as the likes of ransomware or trojans, the device has still been compromised.

And while cryptocurrency mining is supposed to be secretive, there's always the possibility the attackers will push it too far and permanently damage the device - as demonstrated by some cryptojacking attacks which have blown up phones due to the amount of power consumption.

In order to protect IoT devices from falling victim to cryptojacking attacks, users should regularly update devices with patches as and when they become available and change default credentials to avoid unauthorised access.

Cryptocurrency mining has experienced a surge this year, even rising to become as lucrative as ransomware was at it's height.


Editorial standards