Cryptojacking malware now used to launch further invasive attacks

• Microsoft says a malware group now uses cryptojacking techniques as a decoy to steal more sensitive information 

• Advises institutions to invest in top cybersecurity measures

Microsoft tech intelligence team has published a paper in which they say that crypto scammers are using cryptojacking malwares to cover up for other attacks they are carrying out.

According to the paper, these attackers use cryptojacking scripts as cover to steal more confidential information and also attack sensitive government systems.

The tech team was able to link the attack to a group named BISMUTH. This group has recently carried out different attacks against the government of France and Vietnam. These attacks were designed to look like cryptojacking attacks.

Cryptojacking attacks usually involve the process of trying to use available processing power to mine for cryptocurrencies like Monero.

But the report released by the Microsoft tech team showed that these attacks were being used to generate only a meagre income for the group. Instead, the focus of the group is on stealing credible, vital and important government information.

The paper also said that the group carried out the attack using a cryptojacking script that mines majorly for Monero. 

Monero is a private coin that is mainly associated with crypto hacks. It was the crypto asset requested by hackers who also hacked the official reelection website of President Trump.

How BISMUTH carries out cryptojacking 

The published report stated that BISMUTH have been able to perfect their style of cryptojacking. The group has been able to cause concerns for governments and organizations who are unable to properly guard sensitive information.

The strategy of the group is to use the crypto attack as a decoy to pull attention away from their operations. This is in line with the group MO which says “hiding in plain sight.”

The Mircrosoft team went on to say that most organizations would count the attacks of the group to be less alarming, and a commodity malware. Whereas, the group is carrying out a major attack on the system.

The paper went on to advise institutions to carry out strong counter-measures against such attacks and also employ the services of top cybersecurity experts to better protect their systems.