Crypto-Mining Crime Rings: The Newest Reason Why Software Supply Chain Hygiene Matters
By Matt Howard
Mining for crypto currencies can make you some serious coin.
This is why more and more people are standing up "mining rigs" to dig for crypto currencies like Bitcoin, Litecoin, Ethereum, and Monero. Basically, it's the modern equivalent of panning for gold.
But crypto-mining, while potentially lucrative, isn't free. Indeed, it requires a massive amount of computing power, and therefore energy, to do it well. The practice has become so popular that it's driving growth at some of the world's largest technology companies, including TSMC, AMD and NVIDIA.
It's also driving growth in criminal activity.
Putting things into perspective, mining at a cost of 14 cents per kilowatt / per hour is not profitable. Similarly, if you invest $1,200 in mining hardware, and you earn $2 mining profit per day, and assume there is no leap in coin value, it could take two years to pay off your hardware investment.
If, however, you could borrow (steal) computing and energy resources from unsuspecting individuals, then mining would be an incredibly profitable endeavor. That, of course, is why criminals actively hack computers around the world and do what's called mining by malware.
Last month, in one of the biggest malicious cryptocurrency mining operations ever, hackers exploited a vulnerability in Jenkins, a popular open source CI tool, to make $3 million by mining Monero.
Then, this past week, it was discovered that a massive crypto-mining botnet had taken over half a million machines, and may have made its cybercriminal controllers millions of dollars.
It's clear this trend is growing, and the topic of what to do has increasingly been popping up. In fact, my colleague Bill Karpovich was just on Cheddar talking about this issue - and poignantly said "If 2017 was the year of ransomware, 2018 would be the year of crypto-jacking. This is the perfect cybercrime in many ways."
Here's the bottom line. There are many, many reasons why organizations should protect their software supply chains. Crypto-mining is the latest.
Matt is a proven executive and entrepreneur with over 20 years' experience developing high-growth software companies. At Sonatype, he leads corporate marketing, strategic partnering, and demand generation initiatives.