Crypto-jacking, in which attackers infect a system and use its processing power to mine cryptocurrencies, has become one of the most popular methods among hackers in recent times. This stealthy malware has even managed to infect government-owned supercomputers, which has fuelled research into tools built specifically to track these miners.
The latest project of this sort comes from the infamous Los Alamos National Laboratory, the lab that created the atomic bomb. Scientists there have developed an artificial intelligence (AI) program that detects this crypto-jacking malware.
A recent press release from the lab reveals that the AI is designed to specifically detect these bad actors that target supercomputers to mine cryptocurrencies like bitcoin (BTC) and Monero (XMR).
Dubbed SiCaGCN, the advanced neural network works by verifying whether a particular application has the proper backend structure to run on the computer system.
The AI uses graph comparisons, and cannot be bypassed by the common techniques that illicit cryptocurrency miners use to disguise their code, such as obfuscating variables and adding comments to make a program look legitimate.
The laboratory elaborates:
“Much as human criminals can be caught by comparing the whorls and arcs on their fingertips to records in a fingerprint database, the new AI system compares the contours in a program’s flow-control graph to a catalog of graphs for programs that are allowed to run on a given computer.”
The researchers also tested the AI and found that the system was able to identify the threat much more quickly and reliably than conventional solutions available to date.
The lab concluded that the system might not be entirely foolproof, but it still enhances the existing systems and would prove to be a useful tool for cyber investigators to use to track down cybercriminals.
Gopinath Chennupati, a project researcher, said in a statement:
“This type of software watchdog will soon be crucial to prevent cryptocurrency miners from hacking into high-performance computing facilities and stealing precious computing resources.”
Several supercomputers infected this year
Earlier in August, hackers infected multiple supercomputers across Europe, including the ones at the University of Edinburgh; bwHPC, a Germany-based organization; the Ludwig-Maximilians University in Munich; and the Swiss Center of Scientific Computations (CSCS) in Zurich, Switzerland.
All the processing power from these billion-dollar machines was used to mine Monero (XMR). The hackers used an exploit for the CVE-2019-15666 vulnerability to gain root access to the system and then launched an application that mined XMR.