Whether it be the California Gold Rush, the deep 250-mile run of gold discovered in South Africa or the Great Australian Gold Rush, few events have driven so many fortune-seeking prospectors throughout history to mine for riches more than the allure of gold. You may have missed some of the most famous gold rushes in history, but the past year has shown the world a new type of gold rush, defined by the digital world we live in today. It is not gold that is magnetizing so many people to become miners, but cryptocurrencies such as Bitcoin. The tools required for this modern-day mining rush are not a shovel and gold pan, however. The tools of the trade this time include a rack of servers, or if you don’t have the money to invest in pricey infrastructure, a few lines of malicious code will do the trick as well.

The Cryptocurrency Craze

Cryptocurrency is all the rage today as people lay down money in crypto exchanges to secure a wallet to purchase bitcoins and other high-valued cryptocurrencies. With such huge speculative fluctuations in pricing for these digital coins, the less risky way to play this new craze is in mining. Miners use computer-processing power to create the digital currency. Mining today requires far more robust systems than were required a couple of years ago due to the surge in popularity of these currencies. In exchange for creating and managing the ledgers, miners get a share of the cryptocurrencies they mine.

While a gold rush type of mania attracts many enterprising and fortune-seeking individuals, it also attracts sinister individuals who look to use more dubious means to obtain their fortunes. The hash rate requirements of crypto mining demand a great deal of processing power and electricity to mine bitcoin and other cryptocurrency. This of course requires significant CAPEX to fund the necessary high-end processors and infrastructure. As a result, some unscrupulous individuals have found ways to use the CPU power of unsuspecting users. While a single client device has nowhere near the capacity to mine cryptocurrency by itself, the collective effort of millions of devices can. Hackers who control these zombie armies of miners are ringing in the profits.

One sinister method of acquiring miners involves cryptocurrency mining malware. Once a device is infected with this malicious code, it begins using the CPU and memory resources of its hardware host to help collectively mine a designated cryptocurrency. This type of malware first appeared years ago when bitcoin came to fruition, but phased out once the hash requirements exceeded the capabilities of consumer-based CPUs. Thanks to the proliferation of an ever-growing number of cyber currencies, this menace is exponentially growing once again along with the value of the involved digital coins. In addition, many criminals involved in ransomware last year are now transitioning to crypto-mining malware as the money is more predictable and steady.

Types of Crypto-Mining Threats

An IBM security team reports that cryptocurrency mining attacks have increased by over 600% this year, while Kaspersky Lab reports having found the mining menace on 1.6 million client computers. One example of malware is Adylkuzz, which has been one of the biggest menaces of 2017. It actually infects PCs in the same manner as the WannaCry virus, using an exploit found in the Server Message Block protocol. Unlike WannaCry, however, it does not require any manual interaction to infect the system.

While some crypto-mining attacks are delivered through traditional means such as links and attachments embedded in email, other strains are deployed through cryptojacking. Many of these menaces are planted on popular websites by hackers in order to infect unsuspecting visitors. Just last month, hackers managed to run ads on YouTube that consumed the CPU power and electricity of visitors. However, some website companies are knowingly participating in cryptojacking as a revenue source for their websites. With the growing popularity of popup ad blockers, ad revenues are shrinking and some companies are turning to cryptojacking as a more dependable revenue source.

According to Check Point, two of the Top 10 Most Wanted Malware as of January 15 of this year are cryptojacking strains.

  • #1 Coinhive – Coinhive is one of the original crypto-mining forms of malware to appear and is designed to perform online mining of Monero cryptocurrency, without the user’s approval, when a user visits a web page. The malware implants JavaScript code that uses the infected device’s computational resources to mine the coins.
  • #3 Cryptoloot – A crypto-miner that competes with Coinhive and is attempting to overtake it through lower commission rates. Like Coinhive, it also consumes the CPU of infected devices.

Coinhive alone has infected some 500 million computers. It is estimated that 55% of businesses worldwide are affected by the attacks. Just last month, users began complaining about cryptocurrency mining code in the ads displayed to them by YouTube.

How to Detect and Stop Crypto-Mining Malware

Crypto-mining malware dramatically affects the performance of your machines and in some documented cases has damaged the infected device. Symptoms of an infection include:

  • Overuse of your CPU
  • Overheating
  • Measurable levels of slowdown and sluggishness

The best way to determine if a Windows device is infected is to analyze your CPU and memory resource performance levels in Task Manager. Any sustained CPU level above 70% would strongly indicate an infection. If your device is infected, you will need the aid of an up-to-date antivirus application. Privacy is also always an issue you want to take care of, and the 2018 cyber security trends and predictions should be of interest.
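The check described above, as an added example that is not part of the original article: it reads per-process CPU samples and reports the processes that stay above the article's 70% level for a continuous period, so that a brief spike is not flagged. The CSV layout, the process names and the 10-minute definition of "sustained" are assumptions, and the sample data is constructed.

```python
import csv
import io
from datetime import datetime, timedelta

THRESHOLD = 70.0                       # percent, the level the article names
MIN_DURATION = timedelta(minutes=10)   # assumed meaning of "sustained"

# Constructed sample data: timestamp, process name, CPU percent.
SAMPLE_CSV = """\
2018-02-01T09:00:00,browser.exe,88.0
2018-02-01T09:00:00,backup.exe,5.0
2018-02-01T09:05:00,browser.exe,91.0
2018-02-01T09:05:00,backup.exe,92.0
2018-02-01T09:10:00,browser.exe,86.0
2018-02-01T09:10:00,backup.exe,8.0
2018-02-01T09:15:00,browser.exe,93.0
2018-02-01T09:15:00,backup.exe,6.0
2018-02-01T09:20:00,browser.exe,30.0
2018-02-01T09:20:00,backup.exe,4.0
"""


def longest_high_runs(csv_text, threshold=THRESHOLD):
    """Return {process: longest continuous time spent above threshold}."""
    run_start = {}   # process -> timestamp where the current run began
    longest = {}     # process -> longest run seen so far
    rows = sorted(csv.reader(io.StringIO(csv_text)), key=lambda r: r[0])
    for ts_text, proc, cpu_text in rows:
        ts = datetime.fromisoformat(ts_text)
        if float(cpu_text) > threshold:
            start = run_start.setdefault(proc, ts)
            longest[proc] = max(longest.get(proc, timedelta(0)), ts - start)
        else:
            run_start.pop(proc, None)   # a dip below the threshold ends the run
    return longest


def flag_sustained(csv_text, threshold=THRESHOLD, min_duration=MIN_DURATION):
    """Return the processes whose longest high-CPU run meets min_duration."""
    runs = longest_high_runs(csv_text, threshold)
    return sorted(p for p, d in runs.items() if d >= min_duration)


if __name__ == "__main__":
    for name in flag_sustained(SAMPLE_CSV):
        print(f"{name}: sustained CPU above {THRESHOLD}% - investigate")
```

A flagged process is a lead for the antivirus scan the article recommends, since legitimate workloads such as video encoding can also hold the CPU high.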

There are some basic measures to keep your computer safe from crypto-mining related threats.

First off, protect your web browser:

  • Enable popup blockers in your browser and consider a popup ad blocker extension
  • Disable JavaScript in the Edge or Internet Explorer browser
  • Firefox users can use JavaScript-blocking extensions such as NoScript
  • Chrome users can use the minerBlock Chrome extension

One of the best things you can do to combat all threats, including crypto mining, is to keep your devices up to date with regular patching. You should also avoid freeware websites that can automatically download unwanted applications. Some type of endpoint security protection is also imperative. As long as cryptocurrencies continue to offer big returns, these types of threats will continue to advance and proliferate.

 

Andrew Marsden
Andrew is an experienced IT consultant who specializes in internet security. Despite being much in demand by corporations across the globe, his passion for discussing the latest technology means Top 5 VPN users get the benefit of his vast knowledge and experience.