Sick cryptojackers have tried to capitalize on the death of basketball legend Kobe Bryant by inserting covert mining software into a computer desktop wallpaper. The exploit was discovered by Microsoft Security Intelligence researchers, who found a malicious file hidden inside a downloadable wallpaper, showing that hackers will stop at nothing to get their hands on some extra money.
While the world mourns the loss of an NBA legend, cybercriminals are, as expected, taking advantage of the tragedy. We found a malicious HTML file posing as a Kobe Bryant wallpaper that contains a coin mining script. pic.twitter.com/w2JwPvqFy5
— Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020
Cyber Criminals Take Advantage of Bryant’s Death
Bryant died along with his daughter and seven others in a helicopter crash on January 26, and it seems hackers wasted no time in capitalizing to capitalize on the grief being experienced by millions of fans worldwide, according to the research team:
While the world mourns the loss of an NBA legend, cyber criminals are, as expected, taking advantage of the tragedy. We found a malicious HTML file posing as a Kobe Bryant wallpaper that contains a coin mining script.
The researchers added that the exploit was likely a Monero miner as the script referenced Coinhive, a now defunct cloud mining service that assisted cryptojackers by offering an easy platform until it closed in March last year.
Cryptojacking Not Going Away
Cryptojacking cases rose enormously in 2018 due to the explosion in cryptocurrency popularity, to the point where security monitor Check Point cited it as the most wanted malware type of that year. Cryptojacking case numbers dipped in 2019 following crypto’s subsequent downtrend and Coinhive’s closure, although this was also put down to hackers using less detectable techniques.
Cryptojacking typically involves hiding a malicious file within a legitimate one, often an image or a video, which then executes an attack in the background of a person’s phone or computer, remotely using their CPU for mining purposes. Often the change is so subtle that the user does not notice it, but a sudden jump in CPU usage can be suggestive of such an attack.