Hackers exploit Russian smart homes to mine crypto, launch DDoS attacks

March 24, 2025 06:43 AM PDT | By Invezz

Hackers exploit Russian smart homes to mine crypto, launch DDoS attacks — Image source: Invezz

Crypto mining through smart homes

The reported attacks centre around smart home systems being repurposed into crypto mining hubs.

Law enforcement sources told TASS that hackers are hijacking devices such as smart toothbrushes, temperature sensors, and surveillance cameras.

These are then added to a decentralised botnet infrastructure, enabling attackers to use processing power for mining cryptocurrency.

Simultaneously, these botnets are also being leveraged to conduct DDoS attacks.

The exact methods being used to exploit the devices remain unclear, and the agency has not disclosed which specific systems or manufacturers are affected.

Still, the incident points to a wider trend in cybercriminal strategies, where household devices become low-profile entry points for complex cyber operations.

Surveillance risks from device access

Beyond financial exploitation, the report suggests potential breaches of personal security.

Hackers may be gaining access to live or stored video from security cameras and collecting usage data from other connected devices.

These could include patterns from temperature sensors or brushing routines logged by smart toothbrushes—data that may help attackers determine whether a resident is home.

The concern is not only about the theft of data or processing power, but also how the information can be weaponised.

In past cases, similar vulnerabilities have been used to track individuals, map their behaviours, or prepare for physical intrusion.

The latest case has reignited debate over data privacy and the urgency of strengthening IoT cybersecurity protocols.

Crypto theft via browser malware

The smart home exploitation report comes amid ongoing issues around crypto-targeted malware.

In 2022, crypto.news detailed a malware strain hidden in downloadable movie files that targeted torrent users.

This malware executed a PowerShell command to inject malicious code into the Firefox browser.

The objective was to hijack cryptocurrency transactions—specifically replacing Bitcoin (BTC) and Ethereum (ETH) wallet addresses with the attacker’s own.

Aside from stealing crypto funds, the malware could manipulate Google search results, mine cryptocurrencies in the background, and even redirect Wikipedia donations.

The malware campaign showed how cybercriminals are layering different objectives—ranging from theft and disruption to reputation attacks—into single malware deployments.

IoT flaws enable crypto attacks

As the number of smart home installations grows, so does the potential attack surface.

Russia’s latest report underscores how IoT devices—once considered too small or weak to pose significant risk—can be scaled into powerful tools for cybercrime.

The exploitation of common household devices for both surveillance and crypto mining signals a hybrid threat that targets personal safety and financial assets.

The broader lesson from the report lies in the convergence of seemingly unrelated technologies: smart home systems and decentralised finance.

While smart homes offer convenience and automation, their vulnerabilities are now being tapped by attackers motivated by the financial rewards of mining and stealing cryptocurrencies.

With Russia’s law enforcement agencies still investigating the case, more specific details may emerge in the coming weeks.

Until then, the incident serves as a reminder for consumers and manufacturers alike to invest in security updates, firmware integrity, and encrypted communications for all IoT devices.

The post Hackers exploit Russian smart homes to mine crypto, launch DDoS attacks appeared first on Invezz

Disclaimer

The content, including but not limited to any articles, news, quotes, information, data, text, reports, ratings, opinions, images, photos, graphics, graphs, charts, animations, and video (Content) is a service of Kalkine Media LLC., having Delaware File No. 4697309 (“Kalkine Media, we or us”) and is available for personal and non-commercial use only. The principal purpose of the Content is to educate and inform. The Content does not contain or imply any recommendation or opinion intended to influence your financial decisions and must not be relied upon by you as such. Some of the Content on this website may be sponsored/non-sponsored, as applicable, but is NOT a solicitation or recommendation to buy, sell or hold the stocks of the company(s) or engage in any investment activity under discussion. Kalkine Media is neither licensed nor qualified to provide investment advice through this platform. Users should make their own enquiries about any investments and Kalkine Media strongly suggests the users to seek advice from a financial adviser, stockbroker or other professional (including taxation and legal advice), as necessary. Kalkine Media hereby disclaims any and all the liabilities to any user for any direct, indirect, implied, punitive, special, incidental or other consequential damages arising from any use of the Content on this website, which is provided without warranties. The views expressed in the Content by the guests, if any, are their own and do not necessarily represent the views or opinions of Kalkine Media.
The content published on Kalkine Media also includes feeds sourced from third-party providers. Kalkine does not assert any ownership rights over the content provided by these third-party sources. The inclusion of such feeds on the Website is for informational purposes only. Kalkine does not guarantee the accuracy, completeness, or reliability of the content obtained from third-party feeds. Furthermore, Kalkine Media shall not be held liable for any errors, omissions, or inaccuracies in the content obtained from third-party feeds, nor for any damages or losses arising from the use of such content. Some of the images/music that may be used on this website are copyrighted to their respective owner(s). Kalkine Media does not claim ownership of any of the pictures/music displayed/used on this website unless stated otherwise. The images/music that may be used on this website are taken from various sources on the internet, including paid subscriptions or are believed to be in public domain. We have used reasonable efforts to accredit the source (public domain/CC0 status) to where it was found and indicated it, as necessary.
This disclaimer is subject to change without notice. Users are advised to review this disclaimer periodically for any updates or modifications.