With the continued rise of crypto-currencies, both in value (one bitcoin is currently valued at $11,300.00) and mainstream acceptance, it is no surprise that hackers have developed exploits to benefit from this boom. Specifically, security researchers have identified a spike in the number of sites that now host crypto-currency mining malware. For this exploit, hackers are not after your information or money (although they would be happy to capture that along the way); they are after your processing power. Crypto-currency is generated through a complex process referred to as “mining”, which essentially utilizes a computer’s processing capability to compute complex mathematical equations. So, the more processing power you are able to harness, the more crypto-currency you are able to mine. Hence the rise of crypto-currency mining malware which is most commonly distributed by hiding in the background of a seemingly normal/safe website. Once executed, the malware hijacks the infected system’s processing power and uses it to mine for crypto-currencies that will be credited to the malware’s host.
Businesses and Crypto-Currency Mining Malware
You may be wondering how exactly this poses risks to a business. Well, the more computers and portable devices an attacker has control over to mine on their behalf, the more coins they will likely obtain. Therefore, companies are a desirable target for attackers because of the significant amount of computing power that their business represents. Loss of this computing power directly impacts productivity, as any browser-based work will take longer to complete. Additionally, some malware can continue to run in the background of a computer after the user has exited the browser and the user wouldn’t even know it was happening. This type of malware could result in an increase in CPU utilization which would slow down a server (harming the company’s productivity) or render a computer system unresponsive (resulting in a loss of data that the user was working on at the time). Infected portable devices could experience a loss of battery power over a short period of time. Finally, there is the significant risk that coin-mining malware could open the door to hackers who decide to insert their own malicious code in the future once a computer has been initially infected. Either way, don’t let these attackers use your company resources for their own benefit!
If you have questions about whether your computers have the proper security controls in place, please contact us below
On May 8th, 2018 GraVoc’s Nate Gravel and Michael Kannan will be presenting at the Great New England Credit Union Show taking place at DCU Center in Worcester.read more
The Internal Revenue Service is warning taxpayers of an unusual phishing scheme that is going around this tax season. Using stolen data obtained by tax professionals, criminals are filing fraudulent tax returns and depositing them into actual taxpayers’ bank accounts.read more
The United States Securities and Exchange Commission (SEC) has revised and released cybersecurity guidance for publicly traded companies.read more