Threatwatch

Bitcoin hacker who directed ISPs to do his bidding banked $83,000

Network intrusion; Unauthorized use of system administrator privileges; Man-in-the-middle attack

No fewer than 19 Internet service providers unwittingly contributed to the mining of digital currency after a thief used a technique called BGP hijacking to redirect traffic, including data from the networks of Amazon.

BGP hijacking exploits the so-called Border Gateway Protocol, “the routing instructions that direct traffic at the connection points between the Internet’s largest networks,” Wired explains. “The hacker took advantage of a staff user account at a Canadian internet service provider to periodically broadcast a spoofed command that redirected traffic from other ISPs.”

Dell SecureWorks researchers, who discovered the plot, declined to name the ISP and are not sure if the hacker cracked the account or might have been a rogue insider.  

The attacker used BGP hijacking to target a collection of bitcoin mining pools – “bitcoin-producing cooperatives in which users contribute their computers’ processing power and are rewarded with a cut of the resulting cryptocurrency the pool produces,” Wired continues. “The redirection technique tricked the pools’ participants into continuing to devote their processors to bitcoin mining while allowing the hacker to keep the proceeds.”

With that much power, the hacker was banking bitcoins and other cryptocurrencies, such as dogecoin, at a rate of $9,000 a day.

That BGP trick enabled the hacker to redirect the miners’ computers to a malicious server controlled by the hacker. From that server, the hacker sent the mining machines a command that changed their configurations to contribute their processing power to a pool that stockpiled the bitcoins they produced.

The researchers measured $83,000 worth of cryptocurrency stolen during the machinations. But the winnings could be greater, because the researchers had to stop counting for several weeks when one of them broke his ankle.

While this BGP takeover only scored cash, other schemes using the same tactic could cause destruction, the researchers warned.

“If one Canadian ISP can be used to redirect large flows of the Internet to steal a pile of cryptocurrency, other attackers could just as easily steal massive drifts of Internet data for espionage or pure disruption,” Wired reports.  

sector: Financial Services; Web Services

reported: August 7, 2014

reported by: Wired

number affected: Unknown

location of breach: Unknown

perpetrators: Criminals

location of perpetrators: Canada

date breach occurred: February through May 2014

date breach detected: March 22, 2014
