Just as fashion and music have trends, so does cybercrime. The latest favourite for a lot of cyber criminals is cryptocurrency mining malware.
What is cryptocurrency mining malware?
Cryptocurrency mining malware is a cyber attack where hackers use the processing power of their victims’ hardware to mine cryptocurrencies. There are mainly two common ways of doing this. The first is by installing a program on a victim’s computer after he/she has actively clicked on a link in for example a spam email. The second is to hide a code in an advertisement or plugin, which lets hackers mine cryptocurrencies for as long as a visitor uses a website.
Biggest attack to date
A highly reported case of cryptocurrency mining hack took place a couple of weeks ago, where thousands of websites, including government websites in Sweden, UK and USA, were used by cybercriminals to mine the cryptocurrency Moneto. The hackers had then inserted a malicious code in the plugin program Browsealoud, which allows visually impaired and blind users access to the web more easily. There have been warnings about this type of cybercrime, but this has been the biggest attack to date, despite reports that hackers only mined 24 dollars worth of Moneto.
Can you protect yourself against cryptocurrency mining?
It can be difficult for individuals to protect themselves against cryptocurrency mining malware as you usually don’t have a clue that you are under attack. A warning sign is if your machine slows down considerably, as it takes a lot of energy to mine cryptocurrencies. Victims are used more as a ‘means to an end’, as oppose to ransomware or identity theft where the individual is the target. With cryptocurrency mining, cyber criminals earn money without the need to result to extortion.
As always when it comes to cyber security, common sense is one of the best ways to protect oneself. Companies should regularly evaluate the security of applications, systems and services. You should also review which types of third-party content are allowed to load on the page.
And last but not least, an obvious but still very important piece of advice is to not click on the suspicious links in the strange emails. If it sounds too good to be true, it probably is!