Attivo Networks Blogs

Cryptomining hacks are misunderstood, and pose a grave economic danger

Payments Source

By: Carolyn Crandall, Chief Deception Officer, Attivo Networks

Cryptocurrency mining attacks have skyrocketed in the last year. The Cyber Threat Alliance reported a 459 percent increase in cryptominer detections from 2017 through 2018, demonstrating they have rapidly become one of the most in-vogue forms of attack.

With this momentum, it not only becomes critical to understand the potential impact of cryptomining today, but also what it could become if used to destabilize economies, fuel nation-state actor revenue, or to simply redirect processing power into decrypting files.

Although this form of threat is relatively new, it should not be underestimated. Cryptomining shows no sign of stopping given the escalating value and number of cryptocurrencies available, from bitcoin, Monero, Ethereum, Zcash and Litecoin to hundreds of others.

The cryptocurrency boom has encouraged attackers to expand their focus from other methods such as utilizing malware to steal data and impose ransoms or launching a disruptive DDoS attack, to employing tools and techniques to gain access to the computing power of enterprises to generate cryptocurrency payouts.

Cryptomining attacks are becoming more attractive since they require limited effort to generate revenue and are much simpler to execute to achieve a large payday vs. ransomware, which requires an organization to agree to pay threat actors. Buyer/seller marketplaces make it easy to facilitate offers in bitcoin for the processing power.

These markets will automatically switch the seller’s hashing power to mine for the buyer with the highest offer, making it simple to complete hashing power financial transactions. To execute a cryptomining attack, all that is required is access to commodity malware, browser-based exploit kits, some computer processing power, and electricity (stolen or legitimate).

This threat is likely to escalate as enterprises embrace blockchain technologies to conduct business operations. Additionally, illicit mining outside of cryptocurrencies may also create additional risks that enterprises will need to mitigate.

Cryptomining attacks not only drain resources and raise electrical bills but can also significantly damage critical IT infrastructure. Equally important, the presence of a cryptomining attack may indicate other flaws in the organization’s security controls, which, if left open, present opportunity for a much larger attack.


Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Leave a Comment

Your email address will not be published.

20 − ten =

Ready to find out what’s lurking in your network?

Scroll to Top