An IT Support Blog from London

Read the latest IT news, tips and insights from IT Support pros at HTL Support

4 minutes reading time (815 words)

Beware the Growing Cryptocurrency Mining Malware Threat

Beware the Growing Cryptocurrency Mining Malware Threat

A new IT security threat is infecting computers across the globe, and it could be wreaking havoc on your organisation’s devices as you read this post. This malware threat uses a computer’s processing power to mine cryptocurrency, without the knowledge or consent of the owner.

Unauthorised cryptocurrency mining–or cryptojacking, as it is commonly called, is spreading like wildfire. This is not surprising, given how simple it is for cryptojacking scripts to infiltrate a computer. Hackers can initiate it using one of two methods:

  1. Phishing – embedding a malicious link in a legitimate sounding email for the user to click, and unknowingly install the cryptomining application.
  2. In-browser cryptojacking – injecting a JavaScript on a website or ad networks, which then auto-executes upon loading on a victim’s browser.

The lure of cryptojacking

The lure of cryptojacking

If ransomware was the top threat to IT security in 2017, the major threat in 2018 looks like it will be cryptocurrency mining. Already, McAfee Labs has accounted for 2.9 million samples of coin miner malware as of the first quarter of 2018. Even with the decreasing value of some cryptocurrencies, cryptojacking remains popular among cyber criminals because it’s easy money and doesn’t demand significant technical skills.

Moreover, cryptocurrency mining presents a less risky and more profitable alternative to ransomware. Hackers can’t force 100 percent of ransomware victims to pay up, but with cryptojacking, they can be sure that all computers running cryptomining scripts are generating digital currencies for them. In addition, there is far less chance of being discovered and identified as the perpetrator, because the code runs furtively in the background. Furthermore, it can run for a long time, because it can only be detected by certain cyber security solutions.

Why should you be worried?

Why should you be worried

One major difference of cyptojacking is that it doesn’t do any noticeable or immediate damage to the host computer. At least not right away. Nor does it access or steal the stored data. In fact, cryptocurrency mining–the type that requests consent from users beforehand, is being advocated by some websites as an alternative to ad-based revenue and paid subscriptions. If you think about it, users do have the choice to support their often-visited media or game sites by contributing a portion of their unused computing power for cryptomining, in exchange for the free content they get.

In theory, it sounds like a fair enough deal, right? In practice though, cryptomining becomes a legitimate concern when it turns into illegal activity; and there’s no shortage of reports detailing current cryptojacking activities. So, what harm does it actually do?

As soon as cryptomining scripts get down to work, they use up a lot of CPU resources. For individual users, this could significantly slow down the computer, and for some malware variants, may even cause devices to crash. The issues are duplicated in multiple computers within the network. This is why organisations which fall victim to cryptojacking face much larger problems, such as decreased productivity, increased complaints on computer performance directed to the IT team, and increased wear and tear of the machines themselves over time.

Furthermore, cryptojacking victims must also deal with a hefty electricity bill, because cryptocurrency mining uses up a good deal of computing power, which, in turn, drives up energy consumption.

How to detect and prevent cryptojacking

How to detect and prevent cryptojacking

Unless you’re using a cyber security solution that can automatically identify and eliminate coin miners, it is difficult to determine whether a device is already being cryptomined. A common telltale sign is an unusually high CPU usage, which could be indicated by slow systems, frequent overheating or cooling fan failures. If tech people are alert, they should recognise that a spike in complaints of this nature suggests the system has been compromised by cryptojacking.

If there are no indications of cryptomining within your network, then it’s best to put up safeguards as soon as possible. There are several ways to protect yourself and your organisation:

  1. Install AV solutions and ad blockers. Trusted IT security tools do a good job of detecting, eliminating, and even preventing a range of malware threats, including cryptocurrency mining scripts. 
  2. Ensure updating of software and security patches. The good news is that software companies are also constantly on the lookout for these threats. Keeping security patches up-to-date guarantees that you can block off the threats that have been identified by the developers themselves.
  3. Increase employee awareness. Training on cybersecurity should now include information on cryptocurrency mining and how it can enter a network. Heightened awareness is particularly important for employees, since cryptojacking can be perpetrated by clicking on malicious links, or even frequent internet browsing.

Cryptocurrencies may no longer be enjoying the peak values of the past, but they remain a popular medium of exchange among online traders. Unfortunately, the continued rise of cryptomining means that more people will also fall victim to cryptojacking. Don’t be a victim. Invest in a reliable cyber security solution today.

8 Ways to Secure Your Employees’ Mobile Devices
7 Terrific Ways Managed Services Can Help Your Bus...

Related Posts

Top