
If Your Computer Is Slow, You May Be Mining Cryptocurrencies For Someone

  • The latest report shows that cryptomining is now the second most popular malware in the world.
  • This can cause cell phones to overheat and explode.
  • Has your computer’s fan been abnormally noisy lately?

Good news: Virtually all traditional types of malware decreased in recent months. Not so good: Mainly because hackers are more interested in using your computer to help them mine cryptocurrencies.

Chances are you or your employer aren’t even aware of what’s going on. Malware miners lock onto your PC and add its processing power to their efforts to source Monero, ByteCoin, AEON, or any of the many next-gen cryptos that don’t need a mining farm the size of a city block to achieve significant returns.

Adding to the attraction is a mistaken feeling that it just doesn’t seem as sinister as someone stealing your bank details or demanding a ransom over your membership of an adultery website.

There have even been recent moves from major media companies offering ad-free services in exchange for the power of your PC. Some call it “ethical cryptomining”.

But according to the latest quarterly report on cybercrime tactics and techniques from security software provider Malwarebytes, “malicious cryptomining” has come out of nowhere in recent months to become the second most popular form of cybercrime, “biting on the heels” of adware.

[Figure: Top 10 Enterprise Malware Detections. Source: Malwarebytes]


Currently, adware is still the No. 1 threat to consumers, while spyware is the biggest threat to businesses.

Ransomware – in which victims are asked to pay, usually in bitcoin – is up for businesses by 28%, but consumer detections have dropped, dropping it to sixth place overall. A new development has seen GandCrab become the first ransomware to ask victims to pay in a crypto other than bitcoin.

But why risk jail time by demanding a few hundred dollars in bitcoin when you can just mine it, with a little unsolicited help?

While virtually all other malware is on the decline, cryptomining is now the #2 threat to consumers and businesses.

Android owners, in particular, have been targeted, with Malwarebytes seeing a 4,000% increase for the quarter. Detections of Mac users were lower, but they increased by 74% in March.

“Cryptocurrency mining is such a lucrative business that malware creators and distributors around the world are drawn to it like moths to a flame,” the report said.

“We saw malicious cryptomining at scale this quarter – across all platforms, devices, operating systems, and in all browsers.

“Macs and mobile devices are not exempt; criminals have even used the cryptocurrency craze for social engineering purposes.”

The most popular places for criminals to infect are servers. Windows servers, Oracle servers and recently Amazon servers have all been infected with cryptocurrency miners. Infect the server, and those using it – including users of Amazon’s cloud-based AWS service – could suddenly and unwittingly be hosting a miner on their website.

A recent example was found on the LA Times website. And Australian government websites. And websites operated by the UK National Health System, Student Loans Co. and Northern Powergrid.

But why target Android users? Computing power is negligible, but Malwarebytes says it’s easy to “raise the bar” by adding miners to already malicious apps.

A recent version, a miner added to the Loapi Trojan, pushed devices to the point that they “overheated due to strain on the processor, their batteries swelled, and ultimately they suffered an untimely termination”.

Sounds familiar.

But the biggest player is CoinHive. It has only really been active since September 2017, when it announced an API that could mine Monero directly from a web browser.

[Image: CoinHive. Credit: Troy Mursch/@bad_packets/Twitter]



It was launched with good intentions, but “due to several oversights, the technology was almost instantly abused,” Malwarebytes reported.

The beauty of CoinHive is that it’s hard to spot because it doesn’t slow down your computer much. It is used in “drive-by cryptomining”.

Drive-by cryptomining is website-specific and does not require infecting a machine. Open the modified page – like the LA Times page mentioned above – and your PC starts mining Monero for someone else. Close the tab or navigate away from it, and mining stops.

You are probably annoyed by the lagging website.

But here’s a trick that drive-by miners use: pop-unders.

You won’t see a pop-under because it looks like a pop-up tab except that it opens under your taskbar. Even though you think you have left the affected website, the tab keeps mining away.

You probably left one open all last night.

CoinHive itself takes a 30% commission on all mining revenue. The fact that this is so openly discussed, and that there have been no notable repercussions for CoinHive, is likely a big part of why cryptomining is the rising malware star of 2018.

In CoinHive’s defense, it released another API that requires users to register – the “ethical” cryptominer. But Malwarebytes research shows it was used around 30,000 times per day compared to the silent API at 3 million times per day.

The new wave is already coming. Coin Have and CryptoLoot are #2 and #3. Coin Have takes 20%, but CryptoLoot claims to pay 88%.

Cryptominers actually advertise better rates to let other people steal your computing power. They also promote their ability to circumvent their biggest threat: ad blockers.

But here’s a trick to spot it on your PC at least: that moment when its fan goes crazy.

In January, a miner even let Android phone users know they were being mined, which was polite. Look at the CPU usage, off the scale:

[Image: cryptomining malware on Android. Source: Malwarebytes]


You can opt out by “verifying that you are human”.

Malwarebytes says there is no reason to expect the increase in cryptocurrency mining to continue in 2018, especially given the value of cryptocurrencies, despite their recent declines.

The new frontier, it says, could be Internet of Things devices. How much attention do you pay to what your smart fridge is doing right now?

“Although malicious cryptomining appears to be far less dangerous to the user than other forms of malware, such as ransomware, its effects should not be compromised,” Malwarebytes says.

“Indeed, unmanaged miners could seriously disrupt critical business or infrastructure processes by overloading systems to the point where they become unresponsive and shut down.

“Under the guise of a financially motivated attack, this could be the perfect alibi for advanced threat actors.”

  • Basically, your computer’s fan is going crazy. Check your CPU usage (Task Manager, Windows; Activity Monitor, Mac) and look for spikes.
  • If you are a business, Malwarebytes has just released its new Endpoint Protection and Response solution.
  • Antivirus software. The first thing to turn to for something like this. If you are not convinced by your built-in protection, try Kaspersky or BitDefender.
  • Ad blockers help. AdBlock Plus and AdGuard offer to scan sites for CoinHive. No Coin and Miner Block are also handy Chrome extensions.
  • And if you see any unusual program consuming your CPU, just stop it and then scan for a virus.
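
A site owner can run the same kind of check the ad blockers above perform against their own pages. The following is an added example, not code from the article or from Malwarebytes: it parses HTML and flags script tags or inline code that reference the miner services named above. The hostnames and constructor names in the indicator tables are assumptions that should be checked against a maintained blocklist, and the sample page is constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed indicators (not taken from the article): script hosts and JavaScript
# constructor names associated with the services the article names.
MINER_HOSTS = {
    "coinhive.com": "CoinHive",
    "authedmine.com": "CoinHive opt-in API",
    "crypto-loot.com": "CryptoLoot",
    "coin-have.com": "Coin Have",
}
MINER_CALLS = {"CoinHive.Anonymous": "CoinHive", "CryptoLoot.Anonymous": "CryptoLoot"}

class MinerScan(HTMLParser):
    """Collects (kind, service, evidence) tuples for miner references."""
    def __init__(self):
        super().__init__()
        self.findings = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        self._in_script = True
        # urlparse also resolves protocol-relative URLs such as //host/path.
        host = urlparse(dict(attrs).get("src") or "").hostname or ""
        for bad, service in MINER_HOSTS.items():
            # Exact host or a subdomain; "notcoinhive.com" must not match.
            if host == bad or host.endswith("." + bad):
                self.findings.append(("script-src", service, host))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:  # only inspect inline script bodies, not page text
            for call, service in MINER_CALLS.items():
                if call in data:
                    self.findings.append(("inline-call", service, call))

def scan_html(html):
    parser = MinerScan()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page: one benign script, one miner include, one inline call.
SAMPLE = """<html><head>
<script src="https://cdn.example.org/jquery.min.js"></script>
<script src="//coinhive.com/lib/coinhive.min.js"></script>
<script>var m = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER');</script>
</head><body>CoinHive.Anonymous mentioned in article text</body></html>"""
```

A static scan like this only sees references present in the delivered HTML; scripts loaded dynamically or served from renamed hosts need the CPU check from the list above as a backstop.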