Beapy – Cryptojacking Worm Hits Enterprises in China

Beapy, a cryptojacking campaign, has taken the crypto world by storm due to its authoritative impact on enterprises. The campaign uses the EternalBlue exploit along with stolen and hardcoded credentials to spread rapidly across networks. Furthermore, it uses patched machines to collect credentials from infected computers.

Beapy: Its affect able radius

Although the entire world must be the target, primarily Beapy has eyed the enterprises in Asia. An estimate of more than 80 percent of its victims located in China, with other victims in South Korea, Japan, and Vietnam. The devilish-program is a file-based coinminer that uses email as an initial infection vector. Its first occurrence was observed in Symantec telemetry in January 2019 and is now increasing at a rapid pace since March.

Types of coinminers: File-based vs Browser-based

File-based coinminers have an advantage over browser-based coinminers due to their ability to mine cryptocurrency faster. The Monero cryptocurrency, the cryptocurrency most commonly mined during cryptojacking attacks, dropped in value by 90 percent in 2018. This hints towards the fact that miners that create cryptocurrency faster are now more popular with cybercriminals.

Enterprises need to take this seriously

While enterprises might think they don’t need to worry about cryptojacking as much as more disruptive threats such as ransomware, it could still have a major impact on the company’s operations.

Realistic impacts of Cryptojacking

Potential impacts of cryptojacking for businesses include:

  • A slowdown in devices’ performance, potentially leading to employee frustration and a reduction in productivity,
  • Overheating batteries,
  • Devices becoming degraded and unusable, leading to higher IT costs,
  • Increased costs due to increased electricity usage, and for businesses operating in the cloud that are billed based on CPU usage.