SlideShare a Scribd company logo

PacNOG 23: Introduction to Crypto Jacking

Download as PPTX, PDF
APNIC
APNIC

Senior Network Analyst Warren Finch discussed the use of web-based crypto miners and how the crypto miners could be used maliciously for crypto jacking at PacNOG 23 in the Marshall Islands from 3 to 7 December 2018.

Internet
1 of 26
1 Introduction to Crypto Jacking Warren Finch PacNOG 23 - 3rd Dec 2018 Marshall Islands
Agenda • Web based coin miners • What is cryptojacking • Are all cryptominers bad? • Cryptomining malware • Mitigation techniques 2
18th Apr 2014 Monero Cryptocurrency released Timeline 3 https://arxiv.org/pdf/1803.02887.pdf - accessed 15th Nov 2018 2014 20182017 14th Sep 2017 Coinhive Miner launched 16th Oct 2017 Coinhive launches AuthedMine 11th Feb 2018 UK Information Commissioner’s Office Incident Sep 2018 Webcobra Malware discovered
Web based coin miners 5 https://alternativeto.net/software/coinhive/ - accessed 9th Nov 2018 Name URL Coinhive https://coinhive.com AuthedMine https://authedmine.com Coin-Have https://coin-have.com CoinImp https://www.coinimp.com/ Minexmr.stream https://minexmr.stream JSECoin https://jsecoin.com/ Adless https://www.adless.io/ Crypto-loot https://crypto-loot.com GridCash https://gridcash.net/ CryptoNoter https://github.com/cryptonoter
Web based coin miners 6 https://alternativeto.net/software/coinhive/ - accessed 9th Nov 2018 Name URL Coinhive https://coinhive.com AuthedMine https://authedmine.com Coin-Have https://coin-have.com CoinImp https://www.coinimp.com/ Minexmr.stream https://minexmr.stream JSECoin https://jsecoin.com/ Adless https://www.adless.io/ Crypto-loot https://crypto-loot.com GridCash https://gridcash.net/ CryptoNoter https://github.com/cryptonoter
What is Crypto Jacking 7 https://www.enisa.europa.eu/publications/info-notes/images_info_notes/cryptojacking.jpg
What is Crypto Jacking • The unauthorized use of computing resources to mine cryptocurrencies. • Using malicious tools designed to hijack vulnerable systems to mine for cryptocurrency in the background using crypto mining software without the consent or knowledge of the victims. • The technique of hijacking browsers for mining cryptocurrency (without user consent). 8
Are all crypto miners bad? 10 https://www.stfx.ca/about/news/stfx-systems-update-0 - accessed 8th Nov 2018
Are all crypto miners bad? 11 https://www.itnews.com.au/news/unicef-australia-tries-in-browser-cryptocurrency-mining-489884 - accessed 9th Nov 2018
Cryptomining malware • Leaked EternalBlue and DoublePulsar exploits are used to infect vulnerable windows servers and PCs. • Oracle’s WebLogic Server (CVE-2017-10271) flaw was also used to deliver miners onto servers. • Malware families distributed via malicious spam attachments, now have a coin miner module. • Android and Mac users are infected by trojanised apps laced with mining code. 16
Crypto-mining malware detections in 2017 17 11703 11714 13630 12654 12070 12776 15042 15698 24798 116361 77185 77242 0 20000 40000 60000 80000 100000 120000 140000 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-mining-malware-2018-new-menace/ - accessed 9th Nov 2018
Javascript – Coinhive 19 https://coinhive.com – accessed 9th Nov 2018
Javascript – AuthedMine captcha 20 https://coinhive.com – accessed 9th Nov 2018
Locating sites with a coinhive script • https://publicwww.com/websites/"coinhive.min.js"/ 21 accessed 9th Nov 2018
Locating devices with a coinhive script • https://www.shodan.io/search?query=coinhive.min.js 22 accessed 9th Nov 2018
Locating devices with a coinhive script • https://www.shodan.io/search?query=coinhive.min.js 23 accessed 9th Nov 2018
Cryptomining in action 28 https://www.thehopepage.org
Chrome Task Manager • Open the Chrome Task Manager by using the Shift+ESC keyboard combination • Or from the Chrome menu, then More Tools, and then Chrome Task Manager. 29
End user protection • Use the Task Manager (Windows) or Activity Monitor (Mac OS X) • Disable JavaScript in the browser • Browser extensions like “No Coin” are available on Google Chrome and Firefox. Opera has it enabled by default. • Install third-party malware detection and anti-virus software • Update and patch software 30
Opera 31
Network protection • Check vendor advisories and recommendations • Update firewall rules • Update Intrusion Detection System (IDS) rules • Update and Patch all systems • Block known crypto miner domains – https://gitlab.com/ZeroDot1/CoinBlockerLists – https://zerodot1.gitlab.io/CoinBlockerListsWeb/downloads.html – http://iplists.firehol.org 32
Confirm if site is on block list 36 https://malware-research.org/coinblockerlists/
VirusTotal • Use the search feature to find information about a threat • Search term – fba937ffc0291601_sdat.exe 39 https://www.virustotal.com/en/file/fba937ffc0291601b7b03548dac94ef6f321077b96ec561c9f595fb71fc50ccb/analysis/1504908698/
YARA – pattern matching for Malware 40 https://virustotal.github.io/yara/ - accessed 16th Nov 2018
Any questions? 45

Recommended

What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?Global Knowledge Training
 
Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor AuthenticationDilip Kr. Jangir
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolschrizjohn896
 
Side channel attacks
Side channel attacksSide channel attacks
Side channel attacksStefan Fodor
 
Malware forensics
Malware forensicsMalware forensics
Malware forensicsSameera Amjad
 
CryptoJacking and Security: Evolution of a Hack
CryptoJacking and Security: Evolution of a HackCryptoJacking and Security: Evolution of a Hack
CryptoJacking and Security: Evolution of a HackBryan Becker
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking PowerpointRen Tuazon
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hackDharmesh Makwana
 

Recommended

What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?Global Knowledge Training
 
Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor AuthenticationDilip Kr. Jangir
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolschrizjohn896
 
Side channel attacks
Side channel attacksSide channel attacks
Side channel attacksStefan Fodor
 
Malware forensics
Malware forensicsMalware forensics
Malware forensicsSameera Amjad
 
CryptoJacking and Security: Evolution of a Hack
CryptoJacking and Security: Evolution of a HackCryptoJacking and Security: Evolution of a Hack
CryptoJacking and Security: Evolution of a HackBryan Becker
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking PowerpointRen Tuazon
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hackDharmesh Makwana
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingMonika Deswal
 
Browser Security
Browser SecurityBrowser Security
Browser SecurityRoberto Suggi Liverani
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsOldsun
 
DoS or DDoS attack
DoS or DDoS attackDoS or DDoS attack
DoS or DDoS attackstollen_fusion
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applicationsNiyas Nazar
 
Black hat hackers
Black hat hackersBlack hat hackers
Black hat hackersSantosh Kumar
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printingleminhvuong
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingNaveen Sihag
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service AttacksHansa Nidushan
 
Port scanning
Port scanningPort scanning
Port scanningHemanth Pasumarthi
 
Introduction to Cyber Forensics Module 1
Introduction to Cyber Forensics Module 1Introduction to Cyber Forensics Module 1
Introduction to Cyber Forensics Module 1Anpumathews
 
What is two factor or multi-factor authentication
What is two factor or multi-factor authenticationWhat is two factor or multi-factor authentication
What is two factor or multi-factor authenticationJack Forbes
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Android Hacking
Android HackingAndroid Hacking
Android Hackingantitree
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsMithileysh Sathiyanarayanan
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffersKunal Thakur
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics sunanditaAnand
 
DVWA(Damn Vulnerabilities Web Application)
DVWA(Damn Vulnerabilities Web Application)DVWA(Damn Vulnerabilities Web Application)
DVWA(Damn Vulnerabilities Web Application)Soham Kansodaria
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hackingVishal Kumar
 
Cryptocurrencies and Blockchain technology
Cryptocurrencies and Blockchain technologyCryptocurrencies and Blockchain technology
Cryptocurrencies and Blockchain technologySabrina Kirrane
 
CoinMiners are Evasive - BsidesTLV
CoinMiners are Evasive - BsidesTLVCoinMiners are Evasive - BsidesTLV
CoinMiners are Evasive - BsidesTLVThomas Roccia
 

More Related Content

What's hot

Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsOldsun
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applicationsNiyas Nazar
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printingleminhvuong
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service AttacksHansa Nidushan
 
Introduction to Cyber Forensics Module 1
Introduction to Cyber Forensics Module 1Introduction to Cyber Forensics Module 1
Introduction to Cyber Forensics Module 1Anpumathews
 
What is two factor or multi-factor authentication
What is two factor or multi-factor authenticationWhat is two factor or multi-factor authentication
What is two factor or multi-factor authenticationJack Forbes
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Android Hacking
Android HackingAndroid Hacking
Android Hackingantitree
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics sunanditaAnand
 
DVWA(Damn Vulnerabilities Web Application)
DVWA(Damn Vulnerabilities Web Application)DVWA(Damn Vulnerabilities Web Application)
DVWA(Damn Vulnerabilities Web Application)Soham Kansodaria
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hackingVishal Kumar
 

What's hot (20)

Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Browser Security
Browser SecurityBrowser Security
Browser Security
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
DoS or DDoS attack
DoS or DDoS attackDoS or DDoS attack
DoS or DDoS attack
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applications
 
Black hat hackers
Black hat hackersBlack hat hackers
Black hat hackers
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printing
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
 
Port scanning
Port scanningPort scanning
Port scanning
 
Introduction to Cyber Forensics Module 1
Introduction to Cyber Forensics Module 1Introduction to Cyber Forensics Module 1
Introduction to Cyber Forensics Module 1
 
What is two factor or multi-factor authentication
What is two factor or multi-factor authenticationWhat is two factor or multi-factor authentication
What is two factor or multi-factor authentication
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
 
Android Hacking
Android HackingAndroid Hacking
Android Hacking
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle Attack
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics
 
DVWA(Damn Vulnerabilities Web Application)
DVWA(Damn Vulnerabilities Web Application)DVWA(Damn Vulnerabilities Web Application)
DVWA(Damn Vulnerabilities Web Application)
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
 

Similar to PacNOG 23: Introduction to Crypto Jacking

Cryptocurrencies and Blockchain technology
Cryptocurrencies and Blockchain technologyCryptocurrencies and Blockchain technology
Cryptocurrencies and Blockchain technologySabrina Kirrane
 
CoinMiners are Evasive - BsidesTLV
CoinMiners are Evasive - BsidesTLVCoinMiners are Evasive - BsidesTLV
CoinMiners are Evasive - BsidesTLVThomas Roccia
 
Blockshow Blockchain Assets (Evaluation and Management) Munich April 2017
Blockshow Blockchain Assets (Evaluation and Management) Munich April 2017Blockshow Blockchain Assets (Evaluation and Management) Munich April 2017
Blockshow Blockchain Assets (Evaluation and Management) Munich April 2017Marina Guryeva
 
CRYPTO SENTIMENT ANALYSIS: JACKSON#5 case study-
CRYPTO SENTIMENT ANALYSIS: JACKSON#5 case study- CRYPTO SENTIMENT ANALYSIS: JACKSON#5 case study-
CRYPTO SENTIMENT ANALYSIS: JACKSON#5 case study- ADMP AWARDS
 
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case StudiesRSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case StudiesWayne Huang
 
Cyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersCyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersAlbert Hui
 
Cryptoknowmics Get Real-Time Crypto News And Updates.pptx
Cryptoknowmics Get Real-Time Crypto News And Updates.pptxCryptoknowmics Get Real-Time Crypto News And Updates.pptx
Cryptoknowmics Get Real-Time Crypto News And Updates.pptxManoj Singhaniya
 
Cryptojacking - by Vishwaraj101
Cryptojacking - by Vishwaraj101Cryptojacking - by Vishwaraj101
Cryptojacking - by Vishwaraj101v_raj
 
AI and Machine Learning for Analyzing Cryptocurrencies and the Blockchain
AI and Machine Learning for Analyzing Cryptocurrencies and the BlockchainAI and Machine Learning for Analyzing Cryptocurrencies and the Blockchain
AI and Machine Learning for Analyzing Cryptocurrencies and the BlockchainRakuten Group, Inc.
 
DevSecCon London 2018: Whatever happened to attack aware applications?
DevSecCon London 2018: Whatever happened to attack aware applications?DevSecCon London 2018: Whatever happened to attack aware applications?
DevSecCon London 2018: Whatever happened to attack aware applications?DevSecCon
 
Pedro Fortuna - Protecting Crypto Exchanges From a New Wave of Man-in-the-Bro...
Pedro Fortuna - Protecting Crypto Exchanges From a New Wave of Man-in-the-Bro...Pedro Fortuna - Protecting Crypto Exchanges From a New Wave of Man-in-the-Bro...
Pedro Fortuna - Protecting Crypto Exchanges From a New Wave of Man-in-the-Bro...Hacken_Ecosystem
 
InfoSec Monthly News Recap: April 2017
InfoSec Monthly News Recap: April 2017InfoSec Monthly News Recap: April 2017
InfoSec Monthly News Recap: April 2017Ettore Fantin
 
Bitcoin - shady underworld or bright future, September 2018
Bitcoin - shady underworld or bright future, September 2018Bitcoin - shady underworld or bright future, September 2018
Bitcoin - shady underworld or bright future, September 2018Luno
 
ICO and Cyber security - How to protect from hackers during ICOs
ICO and Cyber security - How to protect from hackers during ICOsICO and Cyber security - How to protect from hackers during ICOs
ICO and Cyber security - How to protect from hackers during ICOsNagib Aouini
 
Become a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza BeghalBecome a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza BeghalNull Singapore
 
Web3 + scams = It's a match
Web3 + scams = It's a matchWeb3 + scams = It's a match
Web3 + scams = It's a matchZoltan Balazs
 
Getting Started in Blockchain Security and Smart Contract Auditing
Getting Started in Blockchain Security and Smart Contract AuditingGetting Started in Blockchain Security and Smart Contract Auditing
Getting Started in Blockchain Security and Smart Contract AuditingBeau Bullock
 
Final presentation for one-week project
Final presentation for one-week projectFinal presentation for one-week project
Final presentation for one-week projectVadimDavydov3
 

Similar to PacNOG 23: Introduction to Crypto Jacking (20)

Cryptocurrencies and Blockchain technology
Cryptocurrencies and Blockchain technologyCryptocurrencies and Blockchain technology
Cryptocurrencies and Blockchain technology
 
CoinMiners are Evasive - BsidesTLV
CoinMiners are Evasive - BsidesTLVCoinMiners are Evasive - BsidesTLV
CoinMiners are Evasive - BsidesTLV
 
Blockshow Blockchain Assets (Evaluation and Management) Munich April 2017
Blockshow Blockchain Assets (Evaluation and Management) Munich April 2017Blockshow Blockchain Assets (Evaluation and Management) Munich April 2017
Blockshow Blockchain Assets (Evaluation and Management) Munich April 2017
 
CRYPTO SENTIMENT ANALYSIS: JACKSON#5 case study-
CRYPTO SENTIMENT ANALYSIS: JACKSON#5 case study- CRYPTO SENTIMENT ANALYSIS: JACKSON#5 case study-
CRYPTO SENTIMENT ANALYSIS: JACKSON#5 case study-
 
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case StudiesRSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
 
Web Cryptomining in the .ch Zone
Web Cryptomining in the .ch ZoneWeb Cryptomining in the .ch Zone
Web Cryptomining in the .ch Zone
 
Cyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersCyber Fraud - The New Frontiers
Cyber Fraud - The New Frontiers
 
Cryptoknowmics Get Real-Time Crypto News And Updates.pptx
Cryptoknowmics Get Real-Time Crypto News And Updates.pptxCryptoknowmics Get Real-Time Crypto News And Updates.pptx
Cryptoknowmics Get Real-Time Crypto News And Updates.pptx
 
Cryptojacking - by Vishwaraj101
Cryptojacking - by Vishwaraj101Cryptojacking - by Vishwaraj101
Cryptojacking - by Vishwaraj101
 
Hacking the world
Hacking the worldHacking the world
Hacking the world
 
AI and Machine Learning for Analyzing Cryptocurrencies and the Blockchain
AI and Machine Learning for Analyzing Cryptocurrencies and the BlockchainAI and Machine Learning for Analyzing Cryptocurrencies and the Blockchain
AI and Machine Learning for Analyzing Cryptocurrencies and the Blockchain
 
DevSecCon London 2018: Whatever happened to attack aware applications?
DevSecCon London 2018: Whatever happened to attack aware applications?DevSecCon London 2018: Whatever happened to attack aware applications?
DevSecCon London 2018: Whatever happened to attack aware applications?
 
Pedro Fortuna - Protecting Crypto Exchanges From a New Wave of Man-in-the-Bro...
Pedro Fortuna - Protecting Crypto Exchanges From a New Wave of Man-in-the-Bro...Pedro Fortuna - Protecting Crypto Exchanges From a New Wave of Man-in-the-Bro...
Pedro Fortuna - Protecting Crypto Exchanges From a New Wave of Man-in-the-Bro...
 
InfoSec Monthly News Recap: April 2017
InfoSec Monthly News Recap: April 2017InfoSec Monthly News Recap: April 2017
InfoSec Monthly News Recap: April 2017
 
Bitcoin - shady underworld or bright future, September 2018
Bitcoin - shady underworld or bright future, September 2018Bitcoin - shady underworld or bright future, September 2018
Bitcoin - shady underworld or bright future, September 2018
 
ICO and Cyber security - How to protect from hackers during ICOs
ICO and Cyber security - How to protect from hackers during ICOsICO and Cyber security - How to protect from hackers during ICOs
ICO and Cyber security - How to protect from hackers during ICOs
 
Become a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza BeghalBecome a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza Beghal
 
Web3 + scams = It's a match
Web3 + scams = It's a matchWeb3 + scams = It's a match
Web3 + scams = It's a match
 
Getting Started in Blockchain Security and Smart Contract Auditing
Getting Started in Blockchain Security and Smart Contract AuditingGetting Started in Blockchain Security and Smart Contract Auditing
Getting Started in Blockchain Security and Smart Contract Auditing
 
Final presentation for one-week project
Final presentation for one-week projectFinal presentation for one-week project
Final presentation for one-week project
 

More from APNIC

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAPNIC
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAPNIC
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAPNIC
 

More from APNIC (20)

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment Status
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressing
 

Recently uploaded

A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一3sw2qly1
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Personfurqan222004
 
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girlsstephieert
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Deliverybabeytanya
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 

Recently uploaded (20)

A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 

PacNOG 23: Introduction to Crypto Jacking

  • 1. 1 Introduction to Crypto Jacking Warren Finch PacNOG 23 - 3rd Dec 2018 Marshall Islands
  • 2. Agenda • Web based coin miners • What is cryptojacking • Are all cryptominers bad? • Cryptomining malware • Mitigation techniques 2
  • 3. 18th Apr 2014 Monero Cryptocurrency released Timeline 3 https://arxiv.org/pdf/1803.02887.pdf - accessed 15th Nov 2018 2014 20182017 14th Sep 2017 Coinhive Miner launched 16th Oct 2017 Coinhive launches AuthedMine 11th Feb 2018 UK Information Commissioner’s Office Incident Sep 2018 Webcobra Malware discovered
  • 4. Web based coin miners 5 https://alternativeto.net/software/coinhive/ - accessed 9th Nov 2018 Name URL Coinhive https://coinhive.com AuthedMine https://authedmine.com Coin-Have https://coin-have.com CoinImp https://www.coinimp.com/ Minexmr.stream https://minexmr.stream JSECoin https://jsecoin.com/ Adless https://www.adless.io/ Crypto-loot https://crypto-loot.com GridCash https://gridcash.net/ CryptoNoter https://github.com/cryptonoter
  • 5. Web based coin miners 6 https://alternativeto.net/software/coinhive/ - accessed 9th Nov 2018 Name URL Coinhive https://coinhive.com AuthedMine https://authedmine.com Coin-Have https://coin-have.com CoinImp https://www.coinimp.com/ Minexmr.stream https://minexmr.stream JSECoin https://jsecoin.com/ Adless https://www.adless.io/ Crypto-loot https://crypto-loot.com GridCash https://gridcash.net/ CryptoNoter https://github.com/cryptonoter
  • 6. What is Crypto Jacking 7 https://www.enisa.europa.eu/publications/info-notes/images_info_notes/cryptojacking.jpg
  • 7. What is Crypto Jacking • The unauthorized use of computing resources to mine cryptocurrencies. • Using malicious tools designed to hijack vulnerable systems to mine for cryptocurrency in the background using crypto mining software without the consent or knowledge of the victims. • The technique of hijacking browsers for mining cryptocurrency (without user consent). 8
  • 8. Are all crypto miners bad? 10 https://www.stfx.ca/about/news/stfx-systems-update-0 - accessed 8th Nov 2018
  • 9. Are all crypto miners bad? 11 https://www.itnews.com.au/news/unicef-australia-tries-in-browser-cryptocurrency-mining-489884 - accessed 9th Nov 2018
  • 10.
  • 11. Cryptomining malware • Leaked EternalBlue and DoublePulsar exploits are used to infect vulnerable windows servers and PCs. • Oracle’s WebLogic Server (CVE-2017-10271) flaw was also used to deliver miners onto servers. • Malware families distributed via malicious spam attachments, now have a coin miner module. • Android and Mac users are infected by trojanised apps laced with mining code. 16
  • 12. Crypto-mining malware detections in 2017 17 11703 11714 13630 12654 12070 12776 15042 15698 24798 116361 77185 77242 0 20000 40000 60000 80000 100000 120000 140000 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-mining-malware-2018-new-menace/ - accessed 9th Nov 2018
  • 14. Javascript – AuthedMine captcha 20 https://coinhive.com – accessed 9th Nov 2018
  • 15. Locating sites with a coinhive script • https://publicwww.com/websites/"coinhive.min.js"/ 21 accessed 9th Nov 2018
  • 16. Locating devices with a coinhive script • https://www.shodan.io/search?query=coinhive.min.js 22 accessed 9th Nov 2018
  • 17. Locating devices with a coinhive script • https://www.shodan.io/search?query=coinhive.min.js 23 accessed 9th Nov 2018
  • 19. Chrome Task Manager • Open the Chrome Task Manager by using the Shift+ESC keyboard combination • Or from the Chrome menu, then More Tools, and then Chrome Task Manager. 29
  • 20. End user protection • Use the Task Manager (Windows) or Activity Monitor (Mac OS X) • Disable JavaScript in the browser • Browser extensions like “No Coin” are available on Google Chrome and Firefox. Opera has it enabled by default. • Install third-party malware detection and anti-virus software • Update and patch software 30
  • 22. Network protection • Check vendor advisories and recommendations • Update firewall rules • Update Intrusion Detection System (IDS) rules • Update and Patch all systems • Block known crypto miner domains – https://gitlab.com/ZeroDot1/CoinBlockerLists – https://zerodot1.gitlab.io/CoinBlockerListsWeb/downloads.html – http://iplists.firehol.org 32
  • 23. Confirm if site is on block list 36 https://malware-research.org/coinblockerlists/
  • 24. VirusTotal • Use the search feature to find information about a threat • Search term – fba937ffc0291601_sdat.exe 39 https://www.virustotal.com/en/file/fba937ffc0291601b7b03548dac94ef6f321077b96ec561c9f595fb71fc50ccb/analysis/1504908698/
  • 25. YARA – pattern matching for Malware 40 https://virustotal.github.io/yara/ - accessed 16th Nov 2018

Editor's Notes

  1. https://arxiv.org/pdf/1803.02887.pdf
  2. https://arxiv.org/pdf/1803.02887.pdf
  3. https://alternativeto.net/software/coinhive/
  4. https://alternativeto.net/software/coinhive/ https://www.virustotal.com/en/url/b6b6242a9507fcfaa11c49790e2bcb4334c03b086c87876dfd045cf02094148c/analysis/ https://urlscan.io/result/9096fd49-0a67-463f-8db4-6f362e401138
  5. https://www.enisa.europa.eu/publications/info-notes/images_info_notes/cryptojacking.jpg https://www.enisa.europa.eu/publications/info-notes/cryptojacking-cryptomining-in-the-browser
  6. https://news.softpedia.com/news/bitcoin-cryptojacking-attack-forces-university-to-disable-entire-network-523646.shtml
  7. https://www.stfx.ca/about/news/stfx-systems-update-0 https://news.softpedia.com/news/bitcoin-cryptojacking-attack-forces-university-to-disable-entire-network-523646.shtml
  8. https://www.stfx.ca/about/news/stfx-systems-update-0 https://news.softpedia.com/news/bitcoin-cryptojacking-attack-forces-university-to-disable-entire-network-523646.shtml
  9. https://www.itnews.com.au/news/unicef-australia-tries-in-browser-cryptocurrency-mining-489884 https://www.thehopepage.org
  10. https://twitter.com/Scott_Helme/status/962684239975272450/photo/1?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E962684239975272450&ref_url=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2018%2F02%2F12%2Fgovernment-websites-quietly-running-cryptocoin-mining-scripts%2F https://www.ncsc.gov.uk/news/ncsc-statement-malware-being-used-illegally-mine-cryptocurrency https://nakedsecurity.sophos.com/2018/02/12/cryptomining-script-poisons-government-websites-what-to-do/ https://thenextweb.com/security/2018/02/12/government-websites-quietly-running-cryptocoin-mining-scripts/ https://techcrunch.com/2018/02/12/browsealoud-coinhive-monero-mining-hack/
  11. https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/webcobra-malware-uses-victims-computers-to-mine-cryptocurrency/
  12. https://www.welivesecurity.com/2018/11/06/supply-chain-attack-cryptocurrency-exchange-gate-io/ https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/cryptocurrency-mining-malware-targets-linux-systems-uses-rootkit-for-stealth https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/over-200-000-mikrotik-routers-compromised-in-cryptojacking-campaign Known as CVE-2018-14847 the security flaw in MikroTik routers is being exploited with a view of installing the Coinhive cryptocurrency mining script in websites that users of the devices visit. https://www.ccn.com/monero-cryptomining-attack-affects-over-200000-isp-grade-routers-globally/ https://www.zdnet.com/article/how-much-does-the-pirate-bays-cryptocurrency-miner-make/ https://www.bleepingcomputer.com/news/security/cryptojackers-found-on-starbucks-wifi-network-github-pirate-streaming-sites/
  13. https://isc.sans.org/forums/diary/Crypto+Mining+in+a+Windows+Headless+Browser/24078/ https://steemit.com/mining/@ttox/headless-browser-mining
  14. https://blog.malwarebytes.com/cybercrime/2018/02/state-malicious-cryptomining/ https://blog.malwarebytes.com/threat-analysis/2018/02/new-mac-cryptominer-distributed-via-a-macupdate-hack/ https://publicwww.com/websites/"coinhive.min.js"/
  15. Cryptocurrency-mining malware detections in 2017 (based on Trend Micro Smart Protection Network) https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-mining-malware-2018-new-menace/
  16. https://www.mcafee.com/enterprise/en-us/assets/reports/rp-quarterly-threats-sep-2018.pdf
  17. https://coinhive.com/documentation/miner#constructor-options
  18. https://badpackets.net/how-to-find-cryptojacking-malware/ Coinhive Search term = "coinhive.min.js" URL = https://publicwww.com/websites/"coinhive.min.js"/ Returned results = 13884 AuthedMine Search term = authedmine && "captcha.min.js" URL = https://publicwww.com/websites/authedmine+%26%26+"captcha.min.js"/ Returned results = 272   https://isc.sans.edu/forums/diary/Cryptominer+Delivered+Though+Compromized+JavaScript+File/23870/ Search Term = "navigator['hardwareConcurrency’]” URL = https://publicwww.com/websites/"navigator%5B%27hardwareConcurrency%27%5D"/ Returned results = 1665
  19. https://badpackets.net/how-to-find-cryptojacking-malware/ Coinhive Search term = "coinhive.min.js" URL = https://publicwww.com/websites/"coinhive.min.js"/ Returned results = 13884 AuthedMine Search term = authedmine && "captcha.min.js" URL = https://publicwww.com/websites/authedmine+%26%26+"captcha.min.js"/ Returned results = 272   https://isc.sans.edu/forums/diary/Cryptominer+Delivered+Though+Compromized+JavaScript+File/23870/ Search Term = "navigator['hardwareConcurrency’]” URL = https://publicwww.com/websites/"navigator%5B%27hardwareConcurrency%27%5D"/ Returned results = 1665
  20. https://badpackets.net/how-to-find-cryptojacking-malware/ Coinhive Search term = "coinhive.min.js" URL = https://publicwww.com/websites/"coinhive.min.js"/ Returned results = 13884 AuthedMine Search term = authedmine && "captcha.min.js" URL = https://publicwww.com/websites/authedmine+%26%26+"captcha.min.js"/ Returned results = 272   https://isc.sans.edu/forums/diary/Cryptominer+Delivered+Though+Compromized+JavaScript+File/23870/ Search Term = "navigator['hardwareConcurrency’]” URL = https://publicwww.com/websites/"navigator%5B%27hardwareConcurrency%27%5D"/ Returned results = 1665
  21. https://badpackets.net/how-to-find-cryptojacking-malware/ Coinhive Search term = "coinhive.min.js" URL = https://publicwww.com/websites/"coinhive.min.js"/ Returned results = 13884 AuthedMine Search term = authedmine && "captcha.min.js" URL = https://publicwww.com/websites/authedmine+%26%26+"captcha.min.js"/ Returned results = 272   https://isc.sans.edu/forums/diary/Cryptominer+Delivered+Though+Compromized+JavaScript+File/23870/ Search Term = "navigator['hardwareConcurrency’]” URL = https://publicwww.com/websites/"navigator%5B%27hardwareConcurrency%27%5D"/ Returned results = 1665
  22. https://badpackets.net/how-to-find-cryptojacking-malware/ Coinhive Search term = "coinhive.min.js" URL = https://publicwww.com/websites/"coinhive.min.js"/ Returned results = 13884 AuthedMine Search term = authedmine && "captcha.min.js" URL = https://publicwww.com/websites/authedmine+%26%26+"captcha.min.js"/ Returned results = 272   https://isc.sans.edu/forums/diary/Cryptominer+Delivered+Though+Compromized+JavaScript+File/23870/ Search Term = "navigator['hardwareConcurrency’]” URL = https://publicwww.com/websites/"navigator%5B%27hardwareConcurrency%27%5D"/ Returned results = 1665
  23. https://badpackets.net/how-to-find-cryptojacking-malware/ Coinhive Search term = "coinhive.min.js" URL = https://publicwww.com/websites/"coinhive.min.js"/ Returned results = 13884 AuthedMine Search term = authedmine && "captcha.min.js" URL = https://publicwww.com/websites/authedmine+%26%26+"captcha.min.js"/ Returned results = 272   https://isc.sans.edu/forums/diary/Cryptominer+Delivered+Though+Compromized+JavaScript+File/23870/ Search Term = "navigator['hardwareConcurrency’]” URL = https://publicwww.com/websites/"navigator%5B%27hardwareConcurrency%27%5D"/ Returned results = 1665
  24. https://www.wandera.com/cryptojacking-mobile-threat/
  25. https://www.wandera.com/cryptojacking-mobile-threat/
  26. https://www.bleepingcomputer.com/news/security/using-the-chrome-task-manager-to-find-in-browser-miners/
  27. https://blog.malwarebytes.com/101/2018/02/how-to-protect-your-computer-from-malicious-cryptomining/
  28. https://community.sophos.com/kb/en-us/127988
  29. https://blog.talosintelligence.com/2018/07/blocking-cryptomining.html
  30. https://security.berkeley.edu/services/network-intrusion-detection-systems/getting-more-information-about-isp-snort-rules Install snort Log into snort.org and find snippet to update snort Download and extract update Search for SID 44692 SID: 44692 alert tcp $EXTERNAL_NET $FILE_DATA_PORTS -> $HOME_NET any (msg:"INDICATOR-OBFUSCATION CoinHive cryptocurrency mining attempt"; flow:to_client,established; file_data; content:"decodeURIComponent"; fast_pattern:only; content:"function"; nocase; content:"function"; within:50; nocase; content:"split"; within:200; content:"charCodeAt"; within:200; content:"push"; within:200; content:"charAt"; within:200; metadata:policy max-detect-ips drop, service ftp-data, service http, service imap, service pop3; classtype:misc-attack; sid:44692; rev:1;)
  31. ####### Update Snort ####### snort --version cd ~/Downloads/ https://www.snort.org/downloads/registered/snortrules-snapshot-2983.tar.gz?oinkcode=99a52bae5af6ff719d3ecb5fdf97a6d0f618ee76 mkdir snort cd snort tar -xvf ../snortrules-snapshot-2990.tar.gz sudo mv etc /etc/snort sudo mv rules /etc/snort/rules sudo service snort restart sudo /etc/init.d/snort restart
  32. Get-ExecutionPolicy Set-ExecutionPolicy remotesigned
  33. https://youtu.be/4DjHNtKWkes
  34. https://www.virustotal.com/en/file/fba937ffc0291601b7b03548dac94ef6f321077b96ec561c9f595fb71fc50ccb/analysis/1504908698/
  35. https://virustotal.github.io/yara/
  36. A first look at in browser Crypto Mining - https://arxiv.org/pdf/1803.02887.pdf