December 19, 2017
As you know cryptocurrency (a digital currency) and mining of the coin are more popular than ever. In order to save on the cost of hardware and electricity bills, miners have resorted to unorthodox mining strategies. This includes using their website visitors’ computers to mine coin for them. You could have been on a site today that was secretly mining cryptocurrency by “piggybacking” on your computer’s processing power. According to IBM Manage Security Services, incidents of malware containing crypto-mining tools have grown six-fold this year alone.
The good thing is that it can be simple to find out when your computer resources are being used to mine coin for someone else. Here are a few quick things to consider.
How to tell if your computer is being used to mine for Crypto Coins
Check CPU Usage
Open “Task Manager” (Windows) or “Activity Monitor” (OSX)
- See if your CPU is working abnormally high when visiting a certain website. If you see a spike while visiting a certain website, it could be an indicator that your computer is mining coin for them.
*We can’t really tell you that the CPU usage level should be at a certain level. Every user is different depending on the resources that are being used and specifications of the computer. But if you see a dramatic spike on the CPU level when viewing a certain site, it can be a sign of mining.
How Do I Prevent Others from Secretly Mining Crypto Coin?
The Use of Ad Blockers Can Help
As you now know this is all happening by visiting certain websites. Your computer can also be hijacked by infected advertisements. So, using an ad-blocker may immediately stop miners. Ad-blockers not only block ads but can also block certain processes that run in the background using your computer resources. For instance, AdGuard, an ad-blocking software, scans each site for mining scripts from Coin Hive and alerts you of the action.
Are there other ways they can mine through my computer?
Researchers at IBM found a sophisticated mining software that penetrates your computers and servers by infecting image files or by clicking links which lead to malicious sites. IBM said that such attacks tend to target enterprise networks. So let your IT person or Brave River systems administrator know.
What if My System is Infected with Mining Software?
If your system is infected you should detect a drop in performance, in which case check your CPU usage and identify the process that’s using all the resources and terminate it.
Why are Websites Mining Bitcoin?
Well, they really aren’t mining BitCoin. Websites and mining software are actually mining a different kind of cryptocurrency called Monero. It’s a different type of coin that can be mined using ordinary computers like yours. Mining BitCoin takes up too many resources to use personal computers, even millions of them. Like other cryptocurrencies, the value of Monero has skyrocketed with a market value of $1.3 billion.
Should I Block Data Miners?
Now that is a personal decision you have to make. If the host is not greedy and has implemented mining so that there is minimal impact you could potentially never notice that your computers resources are being used.
A good reason to not block websites from mining is because it could replace ads. Some website owners are testing to see if the revenue from cryptocurrency could replace revenues that they make in annoying website advertisements.
Enterprise-Level Security Security Options
Enterprise servers are highly valued for coin miners. This is because the speeds are much faster which allow for faster cryptocurrency mining. Mining tools can run on almost any operating system including Windows, Android and Apple products as well as on devices like home routers and internet of things (IoT) devices. Virtually any attack that involves injecting an executable code could turn a targeted system into a virtual coin miner for the attacker. The most common methods of attacks include:
Brute-force and default password logins/attacks
Command buffer overflow exploits
Hypertext preprocessor (PHP) arbitrary code injection
Command injection (including SQL injection)
According to IBM: To shut down the virtual mint trying to form on the infrastructure you protect, applying standard security precautions is the top priority. Security professionals should take the following steps:
Ensure timely patch management to address vulnerabilities across the entire infrastructure.
Change the default security credentials to prevent unauthorized access.
Consider using application whitelists to prevent unknown executables from launching on systems within the organizational networks.
Perform input validation on internet-facing web applications to mitigate injection attacks.
Cultivate a security-aware workforce through education and role-based training.
Your enterprise devices are vulnerable and if you aren’t keeping your technology up-to-date or running preventative maintenance you could see your server or computer performance degrade.
If you are looking for technology insights and support from a highly qualified IT security company call Brave River Solutions anytime. We will perform an IT security assessment and implement ongoing support so that your company will always be running as efficient and fast as possible.
Get an IT Security Assessment