Malicious Cryptomining: What You Should Know

May 14, 2018

Bitcoin in front of a computer screenOne of the fastest growing cyber threats doesn’t involve an extortion demand via ransomware or access to your financial accounts by way of phishing scam. In fact, this new wave of criminal activity isn’t focused on taking your money, but instead, seeks to cash in on hijacking your computer’s power and bandwidth. In an extraordinarily short timeframe, malicious cryptomining has surfaced as the second-most popular form of cybercrime impacting both consumers and businesses alike. As reports from security experts and sources such as Business Insider tell us, this occurs even as the overall use of traditional malware is actually declining. Stay one step ahead of those who would disrupt your livelihood and steal your resources for their financial gain with an understanding of these basic facts about malicious cryptomining:

What is it and why is it a threat? Malicious cryptomining occurs when someone uses your computer to mine a digital currency without your consent or knowledge. If you notice that your computer is suddenly operating very slowly, there’s a possibility that it’s being used for this purpose. Because mining for cryptocurrency is both a lucrative and resource-intensive process, some miners resort to piracy to gain access to the computer power they need. By running your Central Processing Unit (CPU) at high capacities required to mine the digital currency, the perpetrators may drain your machine of the resources it needs to function properly. Not only can this substantially slow down your processing time and the overall performance of your machine, but as Malwarebytes explains,  it can damage your system, shorten its lifespan and even break the computer if the mining is too prolonged and intense.

For those of us less familiar with cryptocurrency, how does it operate? When many of us hear the word “cryptocurrency” we immediately think “Bitcoin,” but there are actually a number of digital currencies that have made their way onto the market in recent years. Just a few of these include Monero, ZCash, Ripple and Litecoin.

Digital currency transactions are secured through cryptography, a process that was developed during World War II to convert information into a virtually uncrackable code. Purchases and transfers are recorded on a blockchain, a public ledger that is shared among all holders of the currency. Cryptocurrency transactions must be tallied and authenticated using special software and immense computer power in order to solve complex mathematical equations. Individuals that use computers to solve these intricate problems are called miners and are issued the currency as a reward.

How is malicious cryptomining carried out? There are several ways that your computer can be used to mine cryptocurrency without your consent. One of the most common is to target consumers through what’s sometimes referred to as “drive-by cryptomining” – a browser-based form which allows those who operate a website to take advantage of your computer power when you open their webpage. Although the drive-by mining process generally stops once the user leaves the webpage, Science Alert points out that miners have begun using tactics such as pop-unders (like pop-ups but they open under the task bar) to keep mining once you’ve browsed away or closed the tab. In addition, infected advertisements on websites may be used for malicious cryptomining. Computers can also become infected with malware applications. For an attack on an enterprise network, infected image files or links that lead to malicious sites may be used.

What devices are at risk? As Science Alert explains, malicious cryptomining is being perpetrated on all platforms, devices, operating systems and in all browsers. This includes Macintosh and mobile phones. According to a recent quarterly report by Malwarebytes, Android owners suffered a 4,000 percent increase in malicious cryptomining in the first quarter of 2018.

How to know if you’ve been affected? Although it can difficult to trace the original source of an attack, you can check your computer’s CPU for unusually high levels of use, which may indicate that someone is using your computer power to mine currency. For help in navigating successfully through this process, and what actions to take if you’ve been affected, visit “How to tell If your computer is secretly mining cryptocurrency, and what to do about it” from Quartz.

 

Also use these tips below to help protect your devices:

  • Use high-quality antivirus software: As CryptoCoinsNews (CCN) points out, you may want to consider using Avast because it blocks cryptomining scripts and lets you know when the scripts are present on a website. Business Insider and Science Alert also suggest Kaspersky Lab and Bitdefender if you’re concerned about insufficient protection from your current provider.
  • Install malware detection software: A product from a company like Malwarebytes can be an excellent solution for detecting malware that antivirus protection might miss. It’s a good idea to scan your computer with these products at least once a week, even if you’re using Real-Time Protection.
  • Try an ad-blocker: When updated regularly, an ad blocker can also defend against browser-based attacks. Some are also browser extensions, which can improve your online experience. A few suggestions from Business Insider: AdBlock Plus, AdGuard, No Coin and Miner Block.