Cybercriminals mine altcoins through cloud IT providers
Sysdig found that cybercriminals use GitHub, Buddy, and Heroku to mine altcoins.
A whole network of accounts is reportedly using the free CPU time these providers offer. Mining from a single account under these conditions does not make sense, but with almost 3,000 accounts registered, it becomes economically feasible.
For now they mine unpopular altcoins: Tidecoin, Onyx, and MintMe.com. It is still impossible to assess how profitable the process is. Nevertheless, Sysdig analysts believe that it may be a test run for later BTC or XMR mining. They also suspect preparations for a 51% attack on one of the blockchains that uses a proof-of-work (PoW) algorithm.
Recall that Google previously announced Virtual Machine Threat Detection, a protection that scans virtual machines on Google Cloud to detect threats such as mining.
According to Google research:
- the target of 90% of Google Cloud hacks was mining
- XCH is the most popular coin for mining on cloud infrastructure among attackers
- in more than 60% of situations, it took 22 seconds to install hidden miners