The cryptocurrency with the friendly Shiba is in the news again. This time, Dogecoin is tied to some very dark activity: a hacking campaign is said to be using its blockchain network to operate a Monero mining botnet.
When Dogecoin joins the dark side
Dogecoin (DOGE) has recently come back to the forefront following a movement that started on TikTok. This initiative calls on as many people as possible to buy a small amount of the crypto to supposedly “get rich”, based on the (much) crazy hope of seeing a $1 DOGE.
Even Elon Musk, the CEO of Tesla and SpaceX, is joining in with his little nods to Dogecoin, causing small pumps in the DOGE price at the same time.
But a big problem is looming on the horizon for the crypto with the iconic dog. According to a report by the cyber security company Intezer Labs, released on July 28, Dogecoin is being used in a hacking campaign to control Monero mining malware on Linux operating systems.
This new malware, called Doki, exploits a backdoor on Linux. The hacker has used it, via Dogecoin wallets, to infiltrate Internet servers.
An unexpected exploitation of the Dogecoin blockchain
These attacks specifically targeted command and control (C2) servers. Using this technique, the attacker controls the address that the malware will contact, by transferring a specific amount of Dogecoin from his wallet.
“Since only the attacker has control of the wallet, only he can control when and how much to transfer Dogecoin, and therefore change domains accordingly. Furthermore, because the blockchain is both unalterable and decentralized, this new method can be very resistant to infrastructure attacks by law enforcement and attempts by security products to filter domains.” Report by Intezer Labs.
By using these Dogecoin transactions, attackers can modify the C2 addresses of exposed computers. The attack is made possible by incorrectly configured programming interfaces (APIs). Here, hackers exploit the dogechain.info API, a block explorer of the Dogecoin network.
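For defenders, the C2 lookup described above leaves a trace: a server queries the block explorer and then contacts a domain it has never used before. The Python sketch below is an added example, not code from Intezer Labs or from the malware. The log format, host names, domains and 60-second window are all constructed assumptions. It flags that sequence in a DNS query log.

```python
from datetime import datetime, timedelta

EXPLORER = "dogechain.info"     # block explorer named in the article
WINDOW = timedelta(seconds=60)  # assumed correlation window

# Constructed DNS query log: timestamp, source host, queried name
SAMPLE_LOG = """\
2020-07-29T10:00:00Z build-01 registry.example.com
2020-07-29T10:00:05Z web-01 registry.example.com
2020-07-29T10:02:00Z web-01 dogechain.info
2020-07-29T10:02:03Z web-01 a1b2c3.dyn.example.net
truncated line
2020-07-29T11:00:00Z web-01 registry.example.com
2020-07-29T11:30:00Z desk-07 dogechain.info
2020-07-29T11:45:00Z desk-07 news.example.org
"""

def parse(log):
    """Yield (time, host, name) tuples, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            when = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
        except ValueError:
            continue
        yield when, parts[1], parts[2].lower().rstrip(".")

def find_suspects(log, window=WINDOW):
    """Flag a first-seen domain queried soon after an explorer lookup."""
    seen = {}         # host -> names this host has already queried
    last_lookup = {}  # host -> time of its latest explorer query
    alerts = []
    for when, host, name in sorted(parse(log)):
        known = seen.setdefault(host, set())
        if name == EXPLORER or name.endswith("." + EXPLORER):
            last_lookup[host] = when
        elif (name not in known and host in last_lookup
              and when - last_lookup[host] <= window):
            alerts.append((host, name, when.isoformat()))
        known.add(name)
    return alerts

if __name__ == "__main__":
    for alert in find_suspects(SAMPLE_LOG):
        print("review:", alert)
```

On a server fleet that has no business reason to talk to a block explorer, the explorer lookup alone is already worth an alert. The correlation step narrows the result to the domain the host went on to contact.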
The attack, nicknamed “Ngrok Botnet”, is still active to this day. Doki is not even spotted by the 60 malware detection engines of the VirusTotal site, according to Intezer Labs.
If the Dogecoin crypto was originally part of a simple joke, this attack is no longer a laughing matter. The anti-malware software Intezer Protect seems to be one of the few to detect Doki’s malicious code.