Criminals Are Exploiting For Free Cloud Despite using CI/CD provider accounts to mine cryptocurrencies, threat campaigns hold more than meets the eye, experts warn.
Sysdig cybersecurity researchers discovered over 30 GitHub accounts, 2,000 Heroku accounts, and 900 Buddy accounts being abused in an activity known as “freejacking” (hijacking free accounts). The researchers dubbed the campaign Purpleurchin, describing it as an attempt to run cryptominers “in as many environments as possible, and as hands-off as possible.”
By using a free account, the cost of mining cryptocurrencies (always relatively high) is passed on to the service providers (GitHub, Heroku, and Buddy in this example).
After analyzing the campaign, Sysdig researchers estimated that the platform would cost $15 per month for each free GitHub account created by Purpleurchin. All things considered, it would cost the platform about $100,000 for a threat actor to mine one of his Monero tokens (one token is currently worth about $150).
However, the attackers have yet to mine Monero. They are actually trying to mine Tidecoin, Onyx, Surgarchain, Sprint, Yenten, Arionum, MintMe, Bitweb and many more obscure coins. Apparently, the entire campaign is barely profitable.
This has led researchers to believe that all this is still an experiment or an attempt to hijack the underlying blockchain.
If it’s an experiment, the attacker just tests whether the method works before moving on to more popular tokens (such as Bitcoin or Monero). In terms of attacks on the blockchain, proof-of-work networks (networks where coins can be “mined”, as opposed to pre-mined proof-of-stake coins) are being used by entities to hold 51 You can take over if you can. %+ Hash power (mining power). This allows that entity to rollback the blockchain or engage in double spending. However, the price of the token will also hit the ground.
The address to which miners send their mined tokens is hidden, so it is impossible to determine the success of the campaign or identify the attacker.
via: beep computer (opens in new tab)