Technology
How Cryptocurrency Mining Software Is Turning Into Malware
Published:
Last Updated:
A single desktop PC working all day might generate about $0.25 from mining for monero, a digital cryptocurrency that focuses on transaction privacy. While that might seem not to be worth the effort and would not even pay the electricity bill, what about cobbling together a network (botnet) of PCs to do the heavy lifting?
That’s what cybercriminals are doing — using mining programs like Coinhive and Cryptoloot to hijack PCs and adding code to them so they can be put to work mining for monero. According to security researchers at Check Point, crypto-miners have had a global negative impact on 55% of organizations, with Coinhive as the predominant threat.
In December, Check Point noted:
[C]ryptocurrency miners have intentionally been injected into some top websites, mostly media streaming and file sharing services, without notifying the users. While some of this activity is legal and legitimate, the tools can be hacked to dominate more power and generate more revenue, using as much as 65% of the end-users’ CPU power.
How does the invasion work? According to Check Point, the problem begins with ad blocking software:
Ad-blocking software, stemming from users losing patience with excessive pop-up and banner advertisements, has been slashing many websites’ advertising revenue. Those websites are turning to crypto-miners as a new source of revenue – often without the knowledge or permission of the visitors to the website. Similarly, threat actors are turning to crypto-mining malware as a new way to make money – illegitimately gaining access to the users’ CPU power to mine for their own cryptocurrency – making it even likelier that we’ll see this trend gain steam over the coming months.
Another security firm, Talos, notes that crypto-mining attackers don’t steal anything from their targets except a few CPU cycles and that mining software is not technically malware. But as long as a PC remains in a crypto-mining botnet, that PC’s owner is contributing some spare change hiding under the couch cushions that can add up fast. A botnet of some 200,000 nodes could mine $500 a day in monero, adding up to $182,500 in a year. Not bad for a part-time job.
A report at Data Breach Today has more detail and links to other research on crypto-mining.Â
Take This Retirement Quiz To Get Matched With An Advisor Now (Sponsored)
Are you ready for retirement? Planning for retirement can be overwhelming, that’s why it could be a good idea to speak to a fiduciary financial advisor about your goals today.
Start by taking this retirement quiz right here from SmartAsset that will match you with up to 3 financial advisors that serve your area and beyond in 5 minutes. Smart Asset is now matching over 50,000 people a month.
Click here now to get started.
Thank you for reading! Have some feedback for us?
Contact the 24/7 Wall St. editorial team.
Editors' Picks
