Durante os últimos dois anos, o ransomware visava preferencialmente instituições médicas e hospitais. Várias organizações de saúde foram atingidas e não tiveram escolha a não ser pagar o resgate exigido. Com a mudança de tendências maliciosas para mineradores de criptomoedas, we are now beginning to see health institutions compromised by crypto mining.
Cryptocurrency Miners Now Targeting Hospitals
One such case was registered in Parsons, Tennessee, EUA, where the Decatur Country General Hospital was hit by a miner. Few days ago the hospital released a statement where it explicado that an incident has happened.
“Em novembro 27, 2017, we received a security incident report from our EMR system vendor indicating that unauthorized software had been installed on the server the vendor supports on our behalf. The unauthorized software was installed to generate digital currency, more commonly known as cryptocurrency,” the hospital wrote.
Mais que 20,000 patients are currently being notified that their health information has been compromised due to mining software found on an electronic medical records server.
After the institution received the incident report, it began its own investigation which is currently ongoing. The experts believe that an unauthorized individual remotely accessed the server where the EMR system stores patient information to install the unauthorized software, as stated in the official announcement. Pelo visto, the mining software was installed in September, 2017.
Infelizmente, the official statement doesn’t give any explanation as to why the EMR vendor took so long to notify the hospital about the discovery of the cryptocurrency miner.
This incident serves to indicate a new, increasing threat trend that once again chooses to target hospitals and health institutions. Em outras palavras, institutions should not only fear a ransomware attack anymore but also a cryptocurrency miner being secretly installed on their servers.
More and More Botnets Being Deployed for Cryptocurrency Mining
According to research by Talos, botnets distributing miners could generate up to $100 million a year. além disso, a simple botnet of about 200,000 nodes can make $500 a day in Monero which amounts to $182,500 in a year.
More and more botnets are currently being deployed for mining. Vamos pegar o DDG.Mining.Botnet which was recently discovered by researchers. The botnet was quickly proclaimed the second biggest mining botnet ever, targeting Redis and OrientDB servers.
Another example is the Smominru botnet which is capable of manipulating the configuration of the compromised hosts and has been found to install a Monero cryptocurrency miner. The miner itself takes advantage of the available resources and uses them to generate income for the botnet operators.