Just about every single item of value in the world has at least a few “someones” that want to have it, and some of them will use any means necessary to get it. Priceless works of art have been swiped, expensive cars get stolen every day just for the sake of a joy ride, homes around the world are robbed of their collectables and jewelry daily, and hackers hit the crypto-industry for over $1 billion last year alone.
And now a different kind of thief may be stealing something of little apparent value, but it’s actually enabling them to rake in a decent illegitimate income.
Crypto-malware!
You’re likely no stranger to the word “malware” and probably have a decent understanding of what it means, but if you think that crypto-malware is something that only affects miners and others involved with cryptocurrency, you may be in for a shock.
Crypto-malware is one of the latest in a long line of malware threats but because it only requires CPU cycles and doesn’t reveal itself with ransom demands, popups, or other readily-apparent clues other than slowing down the unknowing host’s system, it’s classified as a “silent threat” and sometimes can remain undetected for extended periods of time.
Which of course works in favor of the “hacker.”
Their goal isn’t to steal your data or money, they want the malicious program to remain on your system for as long as possible, using your processing power to perform cryptomining quietly in the background.
These days you can also encounter what’s known as “crypto-jacking” which just temporarily uses your system for mining. Hackers inject Javascript into vulnerable web servers and if you visit the infected webpage, the illicit Javascript runs on your browser and uses you as a cryptominer until you exit the page or close that browser window.
Of course the ultimate goal of crypto-malware and crypto-jacking are the same — to use your system to generate cryptocurrency. Unfortunately, because the use has been so successful, the popularity of crypto-malware is growing In fact, according to McAfee, crypto-malware increased 4,000% last year and at Black Hat 2018, Lastline conducted a survey of 235 security professionals and found that 56% believe that cryptomining will still be the number one threat vector this year.
Whether you’re an individual or a company, ignoring the threat of crypto-malware could be costly. It not only slows down your affected system(s) and potentially impacts production by eating up bandwidth and processing power, those machines may experience erratic memory spikes, dead graphics cards, or burned out processors.
