Cryptomining malware, or cryptocurrency mining malware or simply cryptojacking, is a relatively new term that refers to software programs and malware components developed to take over a computer’s resources and use them for cryptocurrency mining without a user’s explicit permission.

Cyber criminals have increasingly turned to cryptomining malware as a way to harness the processing power of large numbers of computers, smartphones and other electronic devices to help them generate revenue from cryptocurrency mining. A single cryptocurrency mining botnet can net cyber criminals more than $30,000 per month, according to a recent report from cybersecurity company Kaspersky Labs.

Cryptocurrency-mining malware’s Impact :

Cryptocurrency-mining malware steal the resources of infected machines, significantly affecting their performance and increasing their wear and tear. An infection also involves other costs, like increased power consumption. 

But we’ve also found that their impact goes beyond performance issues. From January 1 to June 24, 2017, our sensors detected 4,894 bitcoin miners that triggered over 460,259 bitcoin-mining activities, and found that more than 20% of these miners also triggered web and network-based attacks. We even found intrusion attempts linked to a ransomware’s attack vector. The most prevalent of these attacks we saw were

  • Cross Site Scripting
  • Exploiting a remote code execution vulnerability in Microsoft’s Internet Information Server (IIS)
  • Brute force and default password logins/attacks
  • Command buffer overflow exploits
  • Hypertext Preprocessor (PHP) arbitrary code injection
  • SQL injection
  • BlackNurse denial of service attack

These malware can threaten the availability, integrity, and security of a network or system, which can potentially result in disruptions to an enterprise’s mission-critical operations. Information theft and system hijacking are also daunting repercussions. These attacks can also be the conduit from which additional malware are delivered.

For more cyber security information contact us at help@theweborion.com