Criminals secretly mining Bitcoin on 200,000 Aussie computers: How to prevent cryptomining attacks
Friday, November 30, 2018/
If you’ve ever been mindlessly surfing the web and your laptop’s gotten unusually warm, it could be because cyber criminals are secretly mining Bitcoin on your computer.
While it sounds like the plot of a nerdy Ocean’s Eleven remake, the threat of ‘cryptomining’ has increased significantly over the last 12 months, with Australia emerging as a hotbed for opportunistic crooks.
According to new data from cybersecurity services provider Malwarebytes, nearly 200,000 Aussies have been infected with the nascent malware since the start of 2018, with a gold rush of sorts being spurred on by the once-meteoric rise in the price of digital currencies.
According to Jim Cook, Malwarebytes regional director for Australia and New Zealand, the cryptomining threat hinges on the basic concept behind cryptocurrency mining, where individuals use a computer’s processing power to crack increasingly hard algorithms with the hope of being rewarded with a chunk of crypto-change.
“Cryptomining attacks are based on the idea a criminal can use anyone’s computing power to mine crypto for their own benefit,” Cook tells SmartCompany.
The way this happens is usually through your internet browser, with pieces of cryptomining code being sneakily injected into the code of insecure websites, allowing attackers to mine as you browse.
And while the whole process sounds nefarious, the resulting impact to your computer is often minimal, especially when compared to other devastating cyber attacks such as WannaCry. Cook says the most users will notice is their computer heating up and running faster than usual, as the processor is pushed to the max in an attempt to capture some Bitcoin.
The practice was “ubiquitous” and highly lucrative for cyber criminals earlier in the year, Cook says, but as crypto prices have fallen off a cliff in recent months, so too has the prevalence of mining attacks, with the number of incidents dropping 44% in August and a further 77% in September.
“There seems to be a direct correlation between the price of the crypto markets and the level of cryptomining activity. As the price falls through the floor, so too does the amount of interest,” he says.
“This is fairly obvious from a commercial point of view, as the primary interest for cyber criminals is to make money”.
Hard to detect
But there’s no room for complacency, as Cook believes cryptomining as a threat is here to stay, and likely to increase in prevalence over 2019. However, he thinks the focus will switch away from individual laptops and desktops, as criminals increasingly target interconnected Internet of Things devices to use as mass-mining botnets.
“From a small business point of view this will still be an issue moving into 2019, as instead of your laptop being targeted, it will be your cloud and your servers,” he says.
Unfortunately for business owners, it’s hard to tell when criminals are trying to make an extra buck off your processing power, as the biggest tell-tale sign is just a computer slowing down.
Cook advises business owners to be aware of when their computers are running hot, and if it’s happening at times it shouldn’t be, look into doing a full virus scan of the device.
Businesses have been warned about multiple different cyber attacks over 2018, including a recent one where a business lost $300,000 to a ‘spoofed’ email.