KSII Transactions on Internet and Information Systems
Monthly Online Journal (eISSN: 1976-7277)

Recent Advances in Cryptovirology: State-of-the-Art Crypto Mining and Crypto Ransomware Attacks

Vol. 13, No. 6, June 29, 2019
DOI: 10.3837/tiis.2019.06.027

Abstract

Recently, ransomware has earned itself an infamous reputation as a force to reckon with in the cybercrime landscape. However, cybercriminals are adopting other unconventional means to seamlessly attain proceeds of cybercrime with little effort. Cybercriminals are now acquiring cryptocurrencies directly from benign Internet users without the need to extort a ransom from them, as is the case with ransomware. This paper investigates advances in the cryptovirology landscape by examining the state-of-the-art cryptoviral attacks. In our approach, we perform a digital autopsy on the malware's source code and execute the different malware variants in a contained sandbox to deduce static and dynamic properties, respectively. We examine three cryptoviral attack structures: browser-based crypto mining, memory-resident crypto mining, and cryptoviral extortion. These attack structures leave a trail of digital forensic evidence when the malware interacts with the file system, and they generate noise in the form of network traffic when communicating with the C2 servers and crypto mining pools. The digital forensic evidence, which essentially consists of IOCs, includes network artifacts such as C2 server domains, IPs, and cryptographic hash values of the downloaded files, in addition to the malware hash values. Such evidence can be used as seed input to intrusion detection systems for mitigation purposes.



Cite this article

[IEEE Style]
A. Zimba, Z. Wang, H. Chen, M. Mulenga, "Recent Advances in Cryptovirology: State-of-the-Art Crypto Mining and Crypto Ransomware Attacks," KSII Transactions on Internet and Information Systems, vol. 13, no. 6, pp. 3258-3279, 2019. DOI: 10.3837/tiis.2019.06.027.

[ACM Style]
Aaron Zimba, Zhaoshun Wang, Hongsong Chen, and Mwenge Mulenga. 2019. Recent Advances in Cryptovirology: State-of-the-Art Crypto Mining and Crypto Ransomware Attacks. KSII Transactions on Internet and Information Systems, 13, 6, (2019), 3258-3279. DOI: 10.3837/tiis.2019.06.027.

[BibTeX Style]
@article{tiis:22141,
  title="Recent Advances in Cryptovirology: State-of-the-Art Crypto Mining and Crypto Ransomware Attacks",
  author="Aaron Zimba and Zhaoshun Wang and Hongsong Chen and Mwenge Mulenga",
  journal="KSII Transactions on Internet and Information Systems",
  DOI={10.3837/tiis.2019.06.027},
  volume={13},
  number={6},
  year="2019",
  month={June},
  pages={3258-3279}
}