With the continued rise of crypto-currencies, both in value (one bitcoin is currently valued at $11,300.00) and mainstream acceptance, it is no surprise that hackers have developed exploits to benefit from this boom. Specifically, security researchers have identified a spike in the number of sites that now host crypto-currency mining malware. For this exploit, hackers are not after your information or money (although they would be happy to capture that along the way); they are after your processing power. Crypto-currency is generated through a complex process referred to as “mining”, which essentially utilizes a computer’s processing capability to compute complex mathematical equations. So, the more processing power you are able to harness, the more crypto-currency you are able to mine. Hence the rise of crypto-currency mining malware which is most commonly distributed by hiding in the background of a seemingly normal/safe website. Once executed, the malware hijacks the infected system’s processing power and uses it to mine for crypto-currencies that will be credited to the malware’s host.
Businesses and Crypto-Currency Mining Malware
You may be wondering how exactly this poses risks to a business. Well, the more computers and portable devices an attacker has control over to mine on their behalf, the more coins they will likely obtain. Therefore, companies are a desirable target for attackers because of the significant amount of computing power that their business represents. Loss of this computing power directly impacts productivity, as any browser-based work will take longer to complete. Additionally, some malware can continue to run in the background of a computer after the user has exited the browser and the user wouldn’t even know it was happening. This type of malware could result in an increase in CPU utilization which would slow down a server (harming the company’s productivity) or render a computer system unresponsive (resulting in a loss of data that the user was working on at the time). Infected portable devices could experience a loss of battery power over a short period of time. Finally, there is the significant risk that coin-mining malware could open the door to hackers who decide to insert their own malicious code in the future once a computer has been initially infected. Either way, don’t let these attackers use your company resources for their own benefit!
If you have questions about whether your computers have the proper security controls in place, please contact us below
Related articles
Change Healthcare Attack: Ransomware Protection Measures for Healthcare Organizations
In light of the Change Healthcare attack, we explore why hackers target healthcare and how healthcare can defend against ransomware.
GraVoc Recognized on CRN MSP 500 List for Second Year in a Row
For the second year in a row, GraVoc has been recognized on the CRN® MSP 500 list in the Pioneer 250 category!
PCI SAQ Types: Which SAQ is Right for Your Business?
In this blog post, we provide an overview of the SAQ types for PCI DSS v4.0 and how to select a PCI SAQ that’s right for your business.