Vulnerability in Email Auto-replies Allows Hackers to Mine Crypto

By Bitcoin21

Sep 26, 2024

How Auto-Reply Emails Are Exploited

Cybersecurity researchers from Facct recently found that hackers are taking advantage of email auto-replies to spread malware. They have mainly targeted companies, marketplaces, and financial institutions in Russia. The goal is to install XMRig, a crypto-mining program, on victims’ devices.

XMRig is a legitimate tool for mining Monero, a type of cryptocurrency, but hackers have found ways to use it in their attacks. Since May, Facct has identified around 150 emails containing the XMRig malware. Fortunately, their email protection system blocked these malicious emails for their clients.

Why Auto-Replies Make This Method So Dangerous

The danger of this attack method lies in its subtlety. Hackers don’t just send mass spam emails that can be easily ignored. Instead, they use auto-replies from hacked email accounts.

The victim often expects to hear back from the person they initially emailed, unaware that the account has been compromised. This makes the malware-laced response appear more trustworthy.
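One way a mail gateway could triage the auto-replies described above, as an added example that is not from Facct or the original article: it flags messages marked as automatic responses (RFC 3834 `Auto-Submitted`, plus common non-standard headers) that also carry a link or an attachment. The sample messages, addresses, function names and the quarantine rule are constructed assumptions; the article does not say how the miner is delivered.

```python
import re
from email import message_from_string, policy

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed sample messages (not real traffic).
HDRS = "From: alice@example.com\nTo: bob@example.org\nSubject: Re: Invoice\n"
AUTO = "Auto-Submitted: auto-replied\n"
OUT_OF_OFFICE = HDRS + AUTO + "\nI am out of the office until Monday.\n"
LINK_REPLY = HDRS + AUTO + "\nUpdated documents: https://files.example.net/docs.zip\n"
HUMAN_REPLY = HDRS + "\nSee https://files.example.net/notes.txt\n"

def is_auto_reply(msg):
    """True if the headers mark the message as an automatic response."""
    # RFC 3834: any value other than "no" means the message was machine-generated.
    value = str(msg.get("Auto-Submitted") or "no").split(";")[0].strip().lower()
    if value != "no":
        return True
    # Non-standard markers that some autoresponders emit instead.
    if msg.get("X-Autoreply") or msg.get("X-Autorespond"):
        return True
    return str(msg.get("Precedence") or "").strip().lower() == "auto_reply"

def risky_content(msg):
    """Collect URLs from text parts and file names of attachments."""
    urls, attachments = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue
        filename = part.get_filename()
        if filename:
            attachments.append(filename)
        elif part.get_content_maintype() == "text":
            urls.extend(URL_RE.findall(part.get_content()))
    return urls, attachments

def triage(raw):
    """Classify one raw message; quarantine auto-replies that carry content
    a genuine out-of-office notice rarely needs (assumed policy)."""
    msg = message_from_string(raw, policy=policy.default)
    auto = is_auto_reply(msg)
    urls, attachments = risky_content(msg)
    return {"auto_reply": auto, "urls": urls, "attachments": attachments,
            "quarantine": auto and bool(urls or attachments)}

if __name__ == "__main__":
    for name in ("OUT_OF_OFFICE", "LINK_REPLY", "HUMAN_REPLY"):
        print(name, triage(globals()[name]))
```

A rule like this only narrows what gets reviewed: an attacker who controls the mailbox can also send ordinary replies, which is why the account-protection measures below still matter.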

Recommended Cybersecurity Practices

Facct’s senior analyst Dmitry Eremenko warned that these auto-reply attacks are dangerous because victims unknowingly engage with compromised accounts. Facct advises companies to boost employee cybersecurity awareness through training. Strengthening passwords and using multi-factor authentication are also essential to prevent such attacks.

In a past interview, ethical hacker Marwan Hachem highlighted another useful tip. He suggested using different devices for various types of communication. This keeps your primary device safe and isolates potential malware.

Past Attacks Using XMRig

XMRig, although a legitimate tool, has been involved in various attacks over the years. In 2020, a malware called “Lucifer” targeted vulnerabilities in Windows systems, installing XMRig to mine Monero. Later that year, a botnet known as “FritzFrog” infected millions of IP addresses, including government offices, schools, and banks.

Key Security Measures:

  • Employee training: Educate your team on the latest cyber threats.
  • Password protection: Use strong, unique passwords.
  • Multi-factor authentication: Increases security.
  • Separate devices: Isolate communications to limit malware spread.

Auto-reply emails seem harmless but can open the door to severe attacks. Awareness and strong security practices are vital to staying safe.
