top of page

Illegal Bitcoin Mining – How cyber criminals tap into your computer

Crypto Mining using JavaScript Commands Basically, a distinction must be made between two types of illegal crypto mining. The most widespread method is the use of the crypto mining program Coinhive, which is classified as a “potentially harmful program” by most antivirus programs. Since it is based on JavaScript, it can be easily installed on web pages and is easily downloaded by most browsers. However, the legal situation is anything but clear. IT security expert Brian Krebs recently called the program “one of the greatest threats to web users”. And indeed, the program’s approach is extremely perfidious. Coinhive-infected websites force their visitors’ devices to dig up crypto-currencies – usually without the victim noticing or obtaining prior consent. Some of them even use the full CPU power, such as the Crypto Mining program that was included on the website of Portuguese football star Cristiano Ronaldo. But this method has a decisive disadvantage for Coinhive users: Cryptocurrencies are only mined as long as someone is actually actively on the website. If they leave the site, the crypto mining process is aborted.

Crypto Mining via Malware Crypto mining using malware is a completely different matter. This method uses malware specially designed for mining cryptocurrencies. The cybercriminals use different ways to smuggle it onto the computers of their victims. The most popular method of distribution is via infected websites. But pirated software is also suitable as a hiding place for a crypto mining dropper. If a user calls up an infected download website, the malware is loaded onto the computer unnoticed via a drive-by download and begins to dig up a selected crypto currency for the hackers. Since the maximum computing power of the devices is to be used to the full, the cyber criminals must proceed with caution in order not to be discovered while digging. Because if the device is always running at 100 percent computing power, it can hardly be operated by its owner. In most cases, the user will then take countermeasures. As a result, Crypto Mining Malware usually uses only about two thirds of the computing power. In some cases, the malware is even programmed to detect the start of an application that uses resources and to throttle the malware’s activities accordingly. Crypto Mining Malware has even been detected that is able to bypass antivirus programs. However, many independently infected devices do not yet give cybercriminals much use. The important thing is that they can bundle their power to mine crypto currency. A bot network is the ideal tool for this. Some of these networks comprise several thousand computers, and the profits that cybercriminals make are correspondingly high.

How do I effectively protect myself from illegal crypto mining? First of all: There is no “that” protection against illegal crypto mining, but rather a combination of different security solutions to combat unwanted mining. On the one hand, it is important to understand how cyber criminals proceed in illegal crypto mining and what tools they use. The right security awareness can lay the foundation for effective prevention. As a supplement, an anti-virus program should be installed on the computer, which is always kept up to date – this naturally also applies to all other programs and the operating system. If you want to download software from the Internet, you should only do this via trustworthy sources such as Renowned download portals also offer software for download that wants to install additional software during the installation process. It cannot be ruled out that this may contain additional malware such as crypto mining droppers. Furthermore, spam e-mails may also contain links that lead to websites contaminated with Crypto Mining Droppers. As it can be difficult to distinguish well-done spam e-mails from normal e-mails, it is recommended that companies in particular use a managed spam filter service. Increased attention is also advised when surfing the web. Since dubious, malware-infected pages are of course only rarely recognized as such, the use of a web filter is also recommended. This reliably warns the user of potentially harmful content before calling up the page. This provides protection not only against Crypto Mining Malware but also against all other harmful content.

0 views0 comments


Commenting has been turned off.
bottom of page