More than 2000 computers from one of India’s leading enterprises, Aditya Birla Group, were held hostage in the country’s latest cryptojacking incident, according to an economic daily report.
The incident was first discovered approximately a month ago at one of the group’s many overseas subsidiaries. The malware in question spread through the company’s network in just a couple of days.
All evidence points toward a typical cryptojacking attack, in which hackers secretly plant malware on the target systems and seize partial control of them in order to mine cryptocurrency. The main goal was, of course, to use the targeted computers’ resources for mining without having to pay for the energy consumed.
No data loss, just thousands of hacked computers used for mining
Fortunately, there was no data loss involved, a person familiar with the situation said: “It’s a kind of attack where the primary intention of the hackers is not to steal information and cause business disruption. Rather, they hijack the target’s computers and tap the power supply to the organization to mine crypto coins.”
Besides the obvious slowdown, such attacks can also have unwanted effects on the infected devices, leading to premature wear. The mined digital currency was Monero, which makes sense, especially considering that it’s practically untraceable. Monero encrypts the recipient’s address on its blockchain and even generates “decoy” addresses to hide the sender’s identity, making it perfect for this type of job.
Large-scale cryptojacking that should not be treated lightly
The business giant’s spokesperson offered some insight into the post-event situation: “Aditya Birla Group has advanced threat management systems that are constantly monitoring and protecting business critical applications and infrastructure in all Businesses. Recently, the advanced threat detection systems of our Group alerted us of suspicious activity on some desktop systems. Based on this, our internal team immediately carried out an investigation and deployed countermeasures to isolate and eliminate the cause of this activity.”
Reportedly, the attackers managed to transfer the newly acquired digital assets to various digital wallets.
One thing is for sure: this attack won’t go unnoticed, leaving the company in question and others no choice but to take extra precautions in order to prevent such cyber-attacks in the future. The spokesperson also added: “As an added assurance, we initiated a detailed forensic investigation which is nearing conclusion in respect of root cause analysis and preventive actions.”