Email Auto-Reply Vulnerability Enables Hidden Crypto Mining

25-09-2024 By: Akansha Sahu
Email Auto-Reply Targets Users for Crypto Theft


Cybersecurity researchers have uncovered a new method used by hackers to distribute malware for covert cryptocurrency mining. Hackers are leveraging automated email replies from compromised accounts to deliver the XMRig mining software, targeting companies and financial institutions.

Researchers from the threat intelligence firm Facct reported that attackers primarily focused on Russian companies and marketplaces. The hackers exploited auto-reply emails to install the XMRig miner on victims' devices, allowing them to mine Monero (XMR) tokens stealthily. Facct's analysts identified 150 emails containing the malicious XMRig software since May, although their business email protection system successfully blocked these emails from reaching their clients.

Email Auto-Reply Vulnerability: Auto-Reply Emails with Malware

Facct senior analyst Dmitry Eremenko highlighted the unique danger posed by this attack method. Unlike traditional mass phishing attempts, where potential victims can easily dismiss irrelevant messages, auto-reply emails appear legitimate because the victims are the ones initiating the communication. Victims may expect a response from the person they originally contacted, unaware that the email account has been compromised. This makes it easier for hackers to distribute malware without raising suspicion.

Eremenko explained, "Although the email itself may not look convincing, communication has already been established, making the malware distribution less likely to be questioned."

Facct urges businesses to remain vigilant and proactive in their cybersecurity efforts. Regular training sessions to increase employee awareness of current cyber threats are recommended, as well as implementing strong passwords and multifactor authentication. These measures are crucial in protecting companies from these types of sophisticated attacks.
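A mail-gateway check for the pattern described above, as an added example that is not from Facct or the original article: it holds for review any message that identifies itself as an automatic reply yet carries an attachment or a link. The article does not say how the miner was delivered, so treating both as carriers is an assumption, and the function names and sample messages are constructed for illustration.

```python
import re
from email import message_from_bytes, policy

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def is_auto_reply(msg):
    """True if the headers mark the message as an automatic response."""
    auto = (msg.get("Auto-Submitted") or "").strip().lower()
    if auto and not auto.startswith("no"):  # RFC 3834: any value except "no"
        return True
    # Non-standard, but set by many vacation responders.
    return (msg.get("Precedence") or "").strip().lower() == "auto_reply"

def review_auto_reply(raw):
    """Return the reasons an auto-reply should be held for review ([] if none)."""
    msg = message_from_bytes(raw, policy=policy.default)
    if not is_auto_reply(msg):
        return []  # ordinary mail is left to the normal filtering pipeline
    reasons = []
    for part in msg.iter_attachments():
        name = part.get_filename() or part.get_content_type()
        reasons.append(f"attachment: {name}")
    for part in msg.walk():
        if part.get_content_maintype() == "text" and not part.is_attachment():
            reasons += [f"link: {u}" for u in URL_RE.findall(part.get_content())]
    return reasons

# Constructed sample messages (assumed for illustration, not campaign data).
SAMPLE_WITH_LINK = (
    b"From: partner@example.com\r\n"
    b"To: user@example.org\r\n"
    b"Subject: Automatic reply: invoice\r\n"
    b"Auto-Submitted: auto-replied\r\n"
    b"Content-Type: text/plain; charset=utf-8\r\n"
    b"\r\n"
    b"I am away. Files are at https://files.example.net/scan.zip\r\n"
)
SAMPLE_PLAIN = (
    b"From: partner@example.com\r\n"
    b"Auto-Submitted: auto-replied\r\n"
    b"Content-Type: text/plain; charset=utf-8\r\n"
    b"\r\n"
    b"I am out of the office until Monday.\r\n"
)

if __name__ == "__main__":
    for label, raw in (("with link", SAMPLE_WITH_LINK), ("plain", SAMPLE_PLAIN)):
        print(label, review_auto_reply(raw))
```

A genuine out-of-office notice rarely needs to carry files or links, so a non-empty result is a reasonable trigger for quarantine or a warning banner rather than an outright block.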

What Is XMRig?

XMRig is an open-source application designed for mining Monero (XMR), a cryptocurrency focused on privacy. While the software is legitimate, hackers have increasingly integrated XMRig into their attacks, installing it on compromised systems to mine cryptocurrency. Since 2020, malware campaigns like Lucifer and FritzFrog have used XMRig to target vulnerabilities in Windows systems and large networks, allowing hackers to mine Monero without the victims' knowledge.
