The era of the “Gold Rush” in the niche of cryptocurrencies has long passed. Currently, cryptojacking, which involves using malicious software for cryptocurrency mining, is only financially viable on a significant scale. Cybercrime groups have responded to this issue appropriately. Trying to expand their activities and increase profits, malefactors started to target cloud services. Cryptocurrency mining is much less profitable than stealing confidential information and spreading ransomware. In recent times, the primary objective of cybercriminals has shifted from infecting end-user machines to targeting cloud services. Malicious actors prefer Monero (XMR), which offers the highest CPU mining returns among cryptocurrencies. The choice is also explained by the fact that most cloud services do not provide access to a conventional computer’s graphics processing unit (GPU) and resources. The central processing unit (CPU) becomes the only mining tool. The lack of adequate protection on vulnerable cloud servers and the fact that the criminal groups attacking them use almost the same set of exploits leads to fierce competition between them. Information security specialists compare this competition for resources to Capture the Flag cyber tournaments. Representatives of the Outlaw gang, install a script on compromised systems to eliminate other competing hacker groups’ miners. Frequently, the same hacker groups act as both the attackers and defenders.
Full analysis : Shift In Cryptojacking: From End-User Machines To Cloud Services.