- Upgrade to Microsoft Office Pro and Windows 11 Pro with this bundle for 87% off
- Get 3 months of Xbox Game Pass Ultimate for 28% off
- Buy a Microsoft Project Pro or Microsoft Visio Pro license for just $18 with this deal
- How I optimized the cheapest 98-inch TV available to look and sound incredible (and it's $1,000 off)
- The best blood pressure watches of 2024
Crypto-Thieves Cost Victims 53 Times What They Make
Threat actors make just $1 for every $53 they cost their victims in extra cloud computing bills, according to a new report from Sysdig.
To calculate its findings, the security vendor analyzed a single campaign from the infamous crypto-jacking threat group known as TeamTNT, which used over 10,000 compromised endpoints to mine for cryptocurrency.
It claimed to have found $8120 in 10 crypto wallets used in the campaign, which resulted in extra cloud bills of $430,000 for the victims. That works out at around $53 in damages for every $1 in cryptocurrency mined, although there may have been additional wallets used in the campaign that Sysdig did not discover.
However, damages from crypto-jacking extend beyond extra cloud computing costs.
It’s claimed that the additional strain servers are put under can wear out hardware faster, forcing owners to invest in replacement kit. It can also slow down the speed at which they run, which might cause disruption to IT operations and the customer-facing services running on them, with a resulting financial and reputational impact on the victim organization.
Illicit cryptocurrency mining is most commonly achieved via cloud and container compromises, according to Sysdig.
Crypto-miners, backdoors and other malware are often inserted into public repositories disguised as legitimate software, where they’re unwittingly downloaded by DevOps teams, the vendor said.
It claimed that 36% of malicious Docker Hub images contain crypto-miners.
“Security teams can no longer delude themselves with the idea that containers are too new or too ephemeral for threat actors to bother,” said Stefano Chierici, senior security researcher at Sysdig.
“Attackers are in the cloud, and they are taking real money. The high prevalence of crypto-jacking activity is attributable to the low risk and high reward for the perpetrators.”