Is cryptocurrency mining malware the new ransomware?
on 20 Dec, 2018
You may already be familiar with the concept of ransomware, a type of cybercrime where a hacker locks files on your computer and demands money in exchange for giving back the data.
The practice has been a lucrative one, to the tune of £6.4 billion lost in 2018 alone, according to a joint report from the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA). A substantial portion of the losses was attributed to ransomware.
But now there’s a new variant on the scheme, known as cryptocurrency mining malware or cryptojacking for short, which is taking root online in a big way.
Even if you haven’t wrapped your mind around how cryptocurrencies operate, the important thing to note is that the process of mining for cryptocurrency can be extremely profitable, but it requires high-powered computers and a great deal of electricity.
As a result, hackers have taken to executing attacks where they secretly hijack people's computers and use them as part of a mining operation.
This article will provide tips on how to avoid cryptocurrency mining malware and what to do if you think your device is infected.
Watch for suspicious links
The good news is that a hacker cannot install mining malware on your personal computer unless they gain administrative access to the operating system. With that said, you still have to be extremely careful when working online because cybercrime is constantly growing more complex and clever.
Mining malware is often spread through malicious hyperlinks in email scams or pop-up advertisements. Clicking on one of these links will open a rogue webpage that usually asks you to install a piece of software or enter your username and password. Close your browser immediately if you click one of these links accidentally.
Also, always inspect the URL that appears at the top of your browser to verify that the page you are looking at is hosted by a reputable company. Hackers will try to trick you by hiding the malware within a webpage that looks similar to one owned by a big company like Apple or Google.
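The URL check described above can be automated. The following Python sketch is an added example, not part of the original article; the brand list, the character substitutions and the sample URLs in the comments are constructed for illustration.

```python
from urllib.parse import urlsplit

# Brand name -> the domain that brand really uses (illustrative allowlist).
TRUSTED = {"apple": "apple.com", "google": "google.com"}
# Digits commonly swapped in for look-alike letters (0 for o, 1 for l).
CONFUSABLES = str.maketrans("01", "ol")


def classify_url(url):
    """Return 'trusted', 'lookalike' or 'unknown' for the host a URL points to."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    # Trusted only if the host IS the real domain or a subdomain of it.
    for domain in TRUSTED.values():
        if host == domain or host.endswith("." + domain):
            return "trusted"
    # A brand name anywhere else in the host, or in the "user@" part that
    # browsers ignore, means the link only imitates the brand.
    text = (host + "@" + (parts.username or "").lower()).translate(CONFUSABLES)
    if any(brand in text for brand in TRUSTED):
        return "lookalike"
    return "unknown"


# Constructed sample URLs:
#   https://support.apple.com/en-gb                 real subdomain
#   https://apple.com.account-verify.example/login  brand used as a prefix
#   https://g00gle.com/                             digits replacing letters
#   https://google.com@203.0.113.7/                 brand in the user part
```

The substring match is a heuristic and will also flag unrelated hosts that happen to contain a brand name, so treat "lookalike" as a prompt to look more closely rather than a verdict.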
Be careful with attachments
Email attachments are even more dangerous than hyperlinks because they can execute a script or command on your computer when you simply double-click them. For this reason, you should never open an attachment if you think it could be spam or you don't recognise the sender's address.
Be aware that hackers will disguise the malicious script by using a common file extension like .doc. If you open the attachment, it will actually operate as an executable object and give the attacker the ability to install a cryptocurrency mining tool.
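A mail filter or help-desk script can catch this disguise by comparing an attachment's name with its first bytes. The Python below is an added example, not code from the original article; the function name and sample file names are hypothetical, and the file signatures are the standard published ones.

```python
# Leading bytes ("magic numbers") of content that runs code when opened.
EXECUTABLE_MAGIC = {
    b"MZ": "Windows PE executable",
    b"\x7fELF": "Linux ELF executable",
    b"#!": "script with interpreter line",
}

# Leading bytes a genuine document with the given extension starts with.
DOCUMENT_MAGIC = {
    ".doc": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],  # OLE2 compound file
    ".docx": [b"PK\x03\x04"],                       # ZIP container
    ".pdf": [b"%PDF"],
}


def check_attachment(filename, data):
    """Return a list of findings for one attachment (empty = nothing flagged)."""
    findings = []
    parts = filename.lower().strip().split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    # 1. Double extension such as "invoice.doc.exe": the ".doc" is a decoy.
    if len(parts) > 2 and "." + parts[-2] in DOCUMENT_MAGIC \
            and ext not in DOCUMENT_MAGIC:
        findings.append(f"double extension: real type is {ext}")
    # 2. The content is executable, whatever the name says.
    for magic, kind in EXECUTABLE_MAGIC.items():
        if data.startswith(magic):
            findings.append(f"content is a {kind}")
    # 3. Named as a document but lacks that format's signature.
    expected = DOCUMENT_MAGIC.get(ext)
    if expected and not any(data.startswith(m) for m in expected):
        findings.append(f"content does not match {ext} signature")
    return findings


# Constructed samples: only the first bytes of each file matter here.
PE_HEADER = b"MZ\x90\x00\x03\x00"
OLE_HEADER = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1\x00\x00"
```

An empty result only means the name and content agree; a genuine .doc can still carry macros, so the advice above about unknown senders still applies.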
For remote workers, or anyone who regularly travels overseas for work and tends to use public Wi-Fi hotspots, it's critical to invest in a reliable virtual private network (VPN) client. A VPN functions like a secure, anonymous tunnel that encrypts data flowing in both directions between your computer and the internet.
If you log on to a public Wi-Fi network at a restaurant or cafe without using a VPN service, then any hackers nearby can manipulate the wireless router and potentially intercept your web traffic or even remotely control your computer.
The bad news is a VPN costs money. The good news is it’s not very much. Most legitimate VPN services run in the £5 to £10 a month range. There are free options available, some decent, but the looming danger is that free services and tools have been known to be used as a Trojan horse of sorts by hackers in order to deliver the very malware you’re trying to avoid.
Monitor your computer's performance
Even computer experts can have a hard time detecting a piece of mining malware. The malicious process usually runs in the background and will be invisible to most basic monitoring tools in Windows or Mac OS X. The best thing you can do is keep a close eye on the overall performance of your computer, both in terms of local memory and network speed.
In order to mine a digital currency like Bitcoin, a computer must use either its main processing chip or graphics card to perform many complex calculations. This leaves minimal resources for other applications, so if you suddenly notice that programs are running extremely slowly, it could be a sign of an attack.
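What separates mining from ordinary heavy use is that the load never lets up. The Python below is an added example, not part of the original article: it takes per-process CPU readings sampled at a fixed interval and reports only processes that stay busy across many consecutive samples. The sample data, process names and thresholds are constructed, and it assumes the process is visible to whatever tool collected the readings.

```python
from collections import defaultdict


def sustained_cpu_hogs(samples, threshold=80.0, min_run=4):
    """Find processes that stay at or above `threshold` percent CPU.

    samples: list of {(pid, name): cpu_percent} dicts, one per interval.
    Returns {(pid, name): longest_run} for processes whose longest streak
    of consecutive high readings is at least `min_run` samples.
    """
    current = defaultdict(int)   # length of the streak in progress
    longest = defaultdict(int)   # longest streak seen so far
    for sample in samples:
        for key, cpu in sample.items():
            if cpu >= threshold:
                current[key] += 1
                longest[key] = max(longest[key], current[key])
            else:
                current[key] = 0
        # A process missing from this sample has exited: its streak ends.
        for key in list(current):
            if key not in sample:
                current[key] = 0
    return {key: run for key, run in longest.items() if run >= min_run}


# Constructed readings, one dict per 30-second interval. The browser has a
# short burst, the editor a single spike, and "updater-helper" (hypothetical
# name) never drops below 95%.
SAMPLES = [
    {(101, "browser"): 12.0, (202, "updater-helper"): 96.0, (303, "editor"): 3.0},
    {(101, "browser"): 91.0, (202, "updater-helper"): 97.5, (303, "editor"): 2.0},
    {(101, "browser"): 88.0, (202, "updater-helper"): 95.0, (303, "editor"): 4.0},
    {(101, "browser"): 15.0, (202, "updater-helper"): 98.0, (303, "editor"): 3.5},
    {(101, "browser"): 9.0, (202, "updater-helper"): 96.5, (303, "editor"): 85.0},
    {(101, "browser"): 11.0, (202, "updater-helper"): 97.0, (303, "editor"): 2.0},
]
```

A flagged process is a lead to investigate, not proof of mining: video encoding or a long compile produces the same pattern.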
Don't forget about mobile devices
Hackers do not limit their attacks to laptop and desktop computers. In fact, some of the largest cryptocurrency mining scams have targeted smartphones and tablets. These mobile devices may have less computing power than a traditional PC, but once the malware is spread across a wider network, the crime becomes profitable.
If you have accidentally clicked on a suspicious link from your phone or tablet, be sure to monitor the impact on the device. The malware will cause apps to crash or function slowly and may make the battery drain much faster than usual.
Final thought - get help from an expert
In order to limit the damage of cryptocurrency mining malware, you need to act quickly if you think a device has become infected. First, fully disconnect the computer, tablet, or smartphone from the internet and then, if you’re not one yourself, consult the nearest IT security professional.
There are a range of tools available that can scan your device and determine whether a background process is actively trying to mine Bitcoin or another digital currency. If the source of the attack can be isolated, you may even be able to restore full performance of your device without losing any data.
In cases of fast-moving malware, the only option might be to completely wipe your device's hard drive and install a fresh operating system. On such occasions, it's critical to have a full backup of all your files so that you can restore the data from a previous point in time. Experts recommend you keep copies of backups in multiple geographic locations that are secure and known only to you.
Gary Stevens is a technology writer and blogger