Two Hacker Mining Groups are Fighting Over Cloud Linux Servers

Two hacker crypto mining groups are fighting to take control of as many Linux cloud servers as possible so that they can use the cloud-based computational resources to mine cryptocurrencies. Reports suggest that the war over the control of cloud servers has been going on for over a year.

The two hacker groups in question are Rocke, the top hacker group predominantly known for its Monero crypto mining operations, and the new challenger Pacha. Both groups prey upon software vulnerabilities in cloud servers and then infect them with multi-functional Linux-based malware strains.

Pacha, the challenger group, has been able to put up a strong fight against the dominant Rocke group with its strategy of removing a long list of known crypto mining malware that it has infected in the past. With this approach, the smaller of the two groups has been able to carve out a large chunk of the crypto mining scene.

Pacha is now Targeting Rival Group Rocke Miners

Pacha is now targeting the miners of its rival group Rocke: it identifies the rival group's miners and removes them in order to eat away at the rival group's control. While the Rocke group's malware also has the ability to identify and eliminate miners, its intensity is lower than Pacha's. Intezer Labs security researcher Nacho Sanmillan explained:

“Although [Rocke] does try to eliminate some generic miners, it is a smaller set in comparison with what Pacha does,” Sanmillan told ZDNet yesterday.

At the moment the Pacha group is giving stiff competition to the Rocke malware, but security analysts believe that Rocke still has the advantage over its rival due to the superiority of its malware, which now possesses the ability to uninstall cloud-based security patches. At the same time, Pacha is catching up fast with its rival and has added support to its malware for an Atlassian Confluence server vulnerability, which is one of the most exploited security flaws today.

Final Thoughts

Cryptojacking has been a contagious problem in the crypto mining industry, given the involvement of large mining farms that predominantly use cloud-based technology for their operations. Cryptojacking groups like Pacha and Rocke, with their advanced malware, are already preying upon these mining operations, and if security engineers do not come up with some innovative counter-jacking software, the problem is only going to intensify.