AWS Used To Distribute the XBooster Mining Malware

Security experts have intensified efforts to combat the cryptojacking mining malware, XBooster. During an attack, XBooster infects a system using the drive by attack vector to install malicious Monero mining software.

Over the past year or so, there has been an explosion of cryptocurrency mining malwares. Research indicates that XBooster resides deep within Amazon’s AWS cloud computing platform. From there, it infects computers and uses their resources to mine Monero. So far, its inventor has mined over $100,000 worth of Monero. Though that amount is not significant, Netskope researchers believe that the threat is considerable. Infected computers depreciate in overall performance and are highly susceptible to further infections. What’s more, XBooster demands fewer computing resources as compared to Bitcoin making it potentially difficult to detect its activities.

Reportedly, XBooster uses websites hosted on Amazon’s AWS to infect computers. Even so, there’s no link between Amazon’s recently introduced blockchain based enterprise services and XBooster. In an interview with Quartz, Netskope’s chief scientist says that this threat is serious and that people should adopt appropriate security measures.

Typically, drive-by-attacks entice people to click on compromised or phishing links on an infected website. When this occurs, X Booster installs its payload and management features on the target computer. Likewise, InfoSec security experts exposed an Egyptian scheme that hijacked computers of unsuspecting users for the same ends.

However, AWS assures users of its cloud hosting service that it has in place automated and manual measures for preventing attacks of this type. Accordingly, these measures detect, isolate, and shut down any malicious activities before they can wreak havoc. Plus, Amazon’s terms of use make it clear what types of activities are forbidden and when breached, the company doesn’t hesitate to take appropriate actions. Nonetheless, it’s not presently clear whether Amazon is actively working to secure its cloud computing platform.

Leave a Reply

Your email address will not be published. Required fields are marked *