New cryptocurrencies offer better anonymity, new security challenges

Anonymous cryptocurrencies like Monero and Zcash help cybercriminals evade detection and make cryptojacking more profitable.

blockchain cryptocurrency digital security

A new crop of anonymous cryptocurrencies, which are less traceable and offer greater privacy than Bitcoin, are gaining ground with cybercriminals. Despite the lower risk of being caught that cryptocurrencies like Monero and Zcash offer, Bitcoin remains the currency of choice for ransomware payments because it’s easier for the public to acquire.

The biggest impact that anonymous cryptocurrencies have on enterprises, at least in the short term, is that criminals are hijacking their computers to mine the currency. "If you’re doing something illegal like cryptojacking to make a profit, the money will only be good to you if you can stay out of jail," says Bryan York, director of services at CrowdStrike, Inc.

Plus, Monero cryptojacking is easier to carry out than Bitcoin mining. Bitcoin is a mature and crowded ecosystem, and miners typically need specialized computing equipment to make any money. Monero is intended to be mined by regular computers, says Mike Price, CTO at cybersecurity vendor ZeroFox. That means the mining isn’t concentrated in a few big mining operations, but distributed more widely across people's personal computers.

There's a downside, he says. "It incentivizes attempts to mine on personal computing devices without the direct consent of the device owner." In other words, cryptojacking.

Cryptojacking turns devices into cryptocurrency-mining botnets

Monero, for example, can run in JavaScript on a user's computer. "It makes infecting devices and creating a botnet or exploiting browsers for mining very attractive," says Andy Norton, director of threat intelligence at Lastline, Inc., a malware protection vendor.

In fact, according to Norton, there's been a big rise in Monero mining pools lately. Lastline tracked which domains are requested by cryptojacking malware, and seven of the top eight are for Monero, while only one is for Bitcoin.

To continue reading this article register now

The 10 most powerful cybersecurity companies