The Microsoft Threat Intelligence Center (MSTIC) has revealed that attackers are using Monero (XMR) mining malware, alongside other advanced tools, as a decoy in nation-state attacks.
According to a new Microsoft report, the nation-state group known as BISMUTH initially used open-source and custom tools to target multinational corporations, human rights organizations, and financial institutions, among others.
The report says the group has since adopted more complicated techniques to hide its malicious activities. Evidence of this is its latest attacks, carried out in July and August 2020, in which Monero (XMR) mining Trojans were deployed against private and public institutions in France and Vietnam.
Microsoft added that the group's operations emphasize hiding in plain sight, stating that deploying Monero (XMR) mining malware as a distraction could hide the group's other malicious activities behind less-alarming threats.
Microsoft therefore warns users to stay alert and protect themselves against the usual tactics used by the attackers.
The report reads:
“While this actor’s operational goals remained the same – establish continuous monitoring and espionage, exfiltrating useful information as it surfaced – their deployment of coin miners in their recent campaigns provided another way for the attackers to monetize compromised networks.”
“Because BISMUTH’s attacks involved techniques that ranged from typical to more advanced, devices with common threat activities like phishing and coin mining should be elevated and inspected for advanced threats. More importantly, organizations should prioritize reducing attack surface and hardening networks against the full range of attacks.”
According to the tech giant, organizations can build resilience against these types of attacks by focusing on configuring email filters to block phishing and spoofed emails, spam, and emails containing malware.
Microsoft also suggests ways to mitigate potential attacks from the group, such as educating users, disabling macros, and restricting servers from making arbitrary connections.