New Monero Cryptojacking Exploit For Linux Discovered, Targeting Old Software

Colin Muller

A dangerous new “cryptojacking” exploit targeting the Linux operating system has been discovered by a Russian security company called Dr.Web, who have unceremoniously named it “Linux.BtcMine.174.” The name is (fittingly) misleading, as the malware surreptitiously mines monero (XMR) rather than bitcoin (BTC). Cryptojacking is the hijacking of a user’s computing power in order to secretly mine cryptocurrency.

The exploit depends on one of two Linux vulnerabilities being open to form an attack vector, which are CVE-2016-5195 and CVE-2013-2094. According to the widely referenced exploit tracking website cve.mitre.org, CVE-2013-2094 (as the “2013” name suggests) is only present on versions before 3.8.9; whereas CVE-2016-5195 affects versions before 4.8.3. (The current Linux version is 4.19.2.)

Linux.BtcMine.174 forces “root” access on the Linux-running device, which means it gains access to the entire file structure of the system. On most commercial computing devices, such primary access is either password-protected or completely sealed-off, even from the legal owner, as is the case with both iPhone and Android smartphones.

According to Dr.Web, the exploit then downloads several more utilities, in order to delete competing cryptojacking software and virus-scanning software, and to run the XMR mining script in perpetuity.

Update your software

As mentioned above, this exploit only affects older versions of Linux. This means that those running the latest software will not be vulnerable. This conclusion is consonant with a story CryptoGlobe reported on just days ago, in another case of cryptojacking resulting from leaving unupdated software vulnerable to known exploits.
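
A version check built from the thresholds quoted earlier (3.8.9 for CVE-2013-2094, 4.8.3 for CVE-2016-5195), given here as an added example that is not from Dr.Web or the original article. The function names and sample release strings are constructed for illustration. Distribution kernels often backport fixes without changing the base version, so a match means "confirm against the vendor advisory", not "vulnerable".

```shell
#!/bin/sh
# Added example: flag kernels whose version number alone does not rule out
# the two CVEs named in the article. Function names are hypothetical.

# Reduce a release string to its numeric base: "4.4.0-21-generic" -> "4.4.0"
kernel_base() {
    printf '%s\n' "$1" |
        sed -n 's/^\([0-9][0-9]*\(\.[0-9][0-9]*\)\{0,2\}\).*/\1/p'
}

# Succeeds (exit 0) when version $1 is strictly lower than version $2.
# Fields are compared as numbers, so 4.19 correctly ranks above 4.8.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1   # equal versions are not "lower"
    }'
}

# Print the CVEs that the version number does not exclude, or "none".
check_kernel() {
    base=$(kernel_base "$1")
    [ -n "$base" ] || { echo "unparsed"; return 2; }
    result=""
    version_lt "$base" 3.8.9 && result="CVE-2013-2094"
    version_lt "$base" 4.8.3 && result="${result:+$result }CVE-2016-5195"
    echo "${result:-none}"
}

# Constructed sample release strings, followed by the running kernel.
for rel in 3.2.0-4-amd64 3.10.0-957.el7.x86_64 4.4.0-21-generic 4.19.2 "$(uname -r)"; do
    printf '%-28s %s\n' "$rel" "$(check_kernel "$rel")"
done
```

The `3.10.0-957.el7.x86_64` sample shows why the result is only a prompt to check: an enterprise kernel can keep an old base version while carrying the backported fix.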

Monero is the ideal cryptocurrency to mine in such cases of cryptojacking, because of its privacy features which almost completely obfuscate the identities and amounts involved in transactions.

Incidence of cryptojacking is on the wane overall, while incidence of data theft and ransomware targeting businesses is on the rise. Cryptojacking skyrocketed in late 2017/early 2018, presumably due to the exploding prices of cryptoassets at that time. However, it is clear enough that even amid today’s collapsing market, the threat is still real.

Komodo to Soon Release Atomic Swap-Enabled Trading App, CTO Reveals

Cryptocurrency exchanges have been under fire so far this year, as hackers have kept on targeting them and other events hurt the confidence users have in certain platforms. Atomic swap technology is set to revolutionize the way we trade cryptocurrencies and more.

As CryptoGlobe covered, a Chainalysis report has found that 60% of cryptocurrency exchange hacks were the work of two major players, dubbed “Alpha” and “Beta.” Alpha was described as a “giant, tightly controlled organization partly driven by non-monetary goals” that appeared eager to “create havoc as to maximize profits.”

Beta, on the other hand, was described as a “less organized” player that focused more on monetary gains from their endeavors, moving money less, and waiting longer before cashing out. Together, these have reportedly stolen over $1 billion from exchanges.

Moreover, cryptocurrency exchange Cryptopia was hacked earlier this year in an attack described as “unusual” by Elementus, as it lasted longer than regular attacks, and saw hackers cash out over $2 million from decentralized exchanges.

On top of all this, crypto exchange QuadrigaCX recently went down after its founder and CEO Gerald Cotten unexpectedly passed away. Cotten was reportedly the only person with access to $145 million worth of customer funds in cold storage. The complex situation cost one crypto trader his $420,000 life savings, and is still unfolding.

While decentralized exchanges exist, their liquidity problems have seen most users stay away from them. The solution, peer-to-peer exchange, has trust-based risks, which are hard to fix without the transaction being made in person. This, as seen, carries risks.

Enter atomic swaps. This type of technology, according to the CTO of privacy-centric cryptocurrency Komodo (KMD), Kadan Stadelmann, can potentially revolutionize P2P transactions, as it eliminates the need for any central party.

This, he said, won’t make centralized cryptocurrency exchanges useless, as there’s room for both. CryptoGlobe caught up with Stadelmann to learn more about atomic swaps and Komodo itself.

CryptoGlobe: Can you introduce our audience to Komodo?

Kadan Stadelmann: Komodo itself is a blockchain platform that was founded a couple of years ago. Our vision is blockchain interoperability, the interconnectivity between different blockchain systems, between different communities, between different blockchain protocols, and also different technologies.

We have a varied set of different technologies and tools that together do reflect this vision that we have. As you maybe know we have decentralized exchanges, applications using blockchain technology, and some sort of smart contract system. As you can see it’s a pretty complex framework, and that basically is Komodo.

CG: Can you help us better understand atomic swaps?

KS: Sure. So there are different forms of atomic swaps, I'll just make it as abstract and as simple as possible. What I'm talking about now is the so-called "cross-chain atomic swap," this is basically the atomic swap everyone is talking about right now.

In simple terms an atomic swap would mean an exchange of coins from one person to another, without any central party involved. This is a direct line between me and you, so we can use the atomic swap protocol to exchange our tokens without any central technology. This cross-chain atomic swap is basically the idea of trading, exchanging something in a trustless way, with the help of specific mathematics and cryptography.

A cross-chain atomic swap can involve different blockchain protocols, so we can trade for example Ethereum for Bitcoin, and this trade takes place on our central computers - there's no central server like a centralized exchange. The most important aspect of this technology is that we're able to trade without anyone else involved, just me and you.

CG: What do you see in the technology's future? What potential applications can you imagine?

KS: I think this technology can cover a lot of things. Not just exchanging coins and tokens, but also exchange technology, exchanging information, and other data forms and data in general. I think atomic swaps - this technology of exchanging something in decentralized and trustless ways - opens the door to the whole industry.

We're potentially talking about doctors exchanging information, Universities exchanging knowledge, making it a medium of exchange. These universities could use atomic swaps to exchange knowledge in a trustless way. I think for the technology the use cases are endless, as it's very promising.

Where I see it going is of course the financial area: trading, exchanges, etc. Those will be utilizing atomic swaps first. I see atomic swaps on smartphones, apps, and even on a smartwatch app. It's a mighty technology.

CG: Specifying cryptocurrency exchanges, how will atomic swaps affect them? Will they be an asset to them?

KS: I think it's going to definitely be an asset, something that's positive for the industry. We even see centralized exchanges developing decentralized exchange technology, take Binance for example - it's a centralized exchange building a decentralized exchange.

The biggest benefit of a decentralized exchange is the security, as trades just happen between me and you. It's very very different from a centralized exchange. I personally believe there will always be users who're familiar with the centralized exchange and will always feel more comfortable just opening a browser and entering an exchange this way. I think centralized and decentralized exchanges will likely co-exist for a couple of years, before we see hybrid forms get created.

CG: How will atomic swaps work with layer-two scaling solutions like Bitcoin's Lightning Network?

KS: [Atomic swaps] will be possible on layer-two scaling solutions, definitely, but they'll be a little bit different. Basically you would need some sort of gateway. Even though the coins are "locked" on the scaling solution, I believe atomic swap implementations could wait until the tokens arrive at the endpoint, exit the LN, and get unlocked again.

So if we did a trade and the LN was involved, it wouldn't be confirmed until the last steps were done - coins unlocked and tokens out of the second layer. We've developed something we call a trust API - while we're always trying to build the system trustless, we know normal users don't like to wait for confirmations, so in this case the system will allow a trade without the wait for the confirmation, or without waiting for the bitcoins to exit the LN.

I see other systems doing the same, so we would have an additional validation and confirmation layer allowing us to use the LN for atomic swapping. But it'll be different.

CG: When will Komodo's BarterDEX be live?

KS: Our decentralized exchange is live, publicly accessible, and already online. However, BarterDEX just entered the alpha testing stage two to three weeks ago and we're preparing for beta testing. We will make a public pre-release soon, however this is still a backend software, there is no graphical UI available right now.

We are planning to release a mobile solution - a smartphone trading application utilizing atomic swaps - later this year. A third-generation decentralized exchange.

CG: What's the Komodo token's role in all of this?

KS: We haven't really created Komodo as some sort of gas or fueling token for a decentralized exchange or any other technology. Our tech is 100% open and Komodo is the flagship token of the platform itself. The coin utilizes all the technologies we've built, and Komodo is more or less a "mothership," in the sense that it's the big spaceship where everything else - the other small projects - are created.

Komodo is like this big base foundation that we've laid for all the new tokens we see. We have dozens of blockchains being created with Komodo, that's its role. It's the glue that sticks dozens of projects, developers, and communities together and connects them while providing them a compatibility layer.

CG: Komodo hit a near $12 all-time high during the crypto market's peak, and now it's under $1, are you worried about its price performance, or the impact this may have on people's perspective into the market?

KS: To be honest I have no issue with the current market condition. While people say this was a really bad bear market, I think it's normal as all coins are kind of pegged to bitcoin and if bitcoin goes down they all do.

At the end of the day 2018, the year everyone calls the worst crypto year, was the best one for me and every developer I know. We never had so much technology get created, we never had so many contracts and deals be made in the blockchain space. Although prices are down and Komodo along with it, the price to me is completely irrelevant. For me personally, it's irrelevant and the market should never be linked to the technology layer, they're two different things.

CG: Is there anything else you'd like to share with our audience?

KS: Yes, take a look at Komodo. It is a very promising technology, a young platform, and we've never really looked at the rest of the ecosystem as competition. If someone's following the media, we have security collaborations and vulnerability disclosure agreements.

Our big, big vision was to connect blockchain and provide this compatibility layer - and we've done it. We're open for other blockchains, users and developers to join.