One of India’s largest business conglomerates, Aditya Birla Group, suffered from the first big ‘cryptojacking’ attack in the country last month, according to a report in The Economic Times.
Under cryptojacking, hackers misuse a targeted terminal and its processing power to mine crypto currencies.
The report suggests that more than 2,000 computers of various group companies were targeted by hackers for cryptojacking.
The attack malware, which was first detected around a month ago at a group's overseas subsidiary, spread through the system and into some of the manufacturing and other services companies belonging to the corporate house within days.
A person aware of the development told the paper: “It’s a kind of attack where the primary intention of the hackers is not to steal information and cause business disruption. Rather, they hijack the target’s computers and tap the power supply to the organisation to mine crypto coins.”
The conglomerate’s spokesperson said: “Aditya Birla Group has advance threat management systems that are constantly monitoring and protecting business critical applications and infrastructure in all Businesses. Recently, the advance threat detection systems of our Group alerted us of suspicious activity on some desktop systems. Based on this, our internal team immediately carried out an investigation and deployed countermeasures to isolate and eliminate the cause of this activity.”
“We also ascertained that there was no data loss due to this activity. As an added assurance, we initiated a detailed forensic investigation which is nearing conclusion in respect of root cause analysis and preventive actions,” the spokesperson added.
The hackers are however understood to have transferred the newly mined Monero coins to digital wallets, the report adds.
Recently, in a mass cryptojacking campaign, over 300 websites using the Drupal content management system have been infected with cryptocurrency-mining malware.
Security researcher, Troy Mursch who is the brain behind the website Bad Packets Report, uncovered the malicious campaign involving the repeat offender Coinhive on Saturday. He said that many of the discovered websites were government and university sites from all over the world.
