Miners and how to avoid them

Cybercriminals jump the crypto hype train: what you should know about illegal crypto mining

Crypto miners are no less dangerous ransomware, as new persistence techniques with new functionalities are used by criminals

Ever since Bitcoin came out back in 2009, a new digital payment system captivated the world. Due to its innovative nature, the cryptocurrency is decentralized, which means that there is no central authority controlling it. Nevertheless, even the biggest companies and high-profile organizations are now using this payment system.

To create crypto, complicated mathematical problems need to be solved with the help of computing power, and powerful hardware is required. Since anybody with a high-end CPU and GPU can mine crypto relatively efficiently, some home users decided to give it a go and earn some seemingly free money.

There are many cryptocurrencies around, and they are particularly unstable – especially during the time of a pandemic. Bitcoin price was inflated to an all-time high, and the “underdog” currencies such as Dogecoin jumped up by 6,000% in comparison to what they were worth before.^[1] Bitcoin, however, remains among the most prominent digital coins around, and it is unlikely that it will change any time soon.

Cryptomining is not free, as the process takes a lot of electrical power to work. For that reason, it might take years before the cost is covered, and only then can the profits emerge. To add to this, not all mining is carried out with the consent of the device owner.

Some hackers came up with a plan to use many computers without investing the money themselves into mining rigs and other equipment. These networks are called miner botnets.^[2]

All the illegally (and without the victims' knowledge) distributed crypto-mining malware creates one giant network that mines cryptocurrency at its full potential. This way, bad actors can skip the cost and also increase the efficiency of mining by a significant margin.

Currently, crypto mining malware is among one of the most profitable, along with ransomware. Some ransomware authors even switched to cryptominers due to more profits created.^[3]

In late 2017 and during 2018, Bitcoin's value spiked to almost $20,000 and has kept fluctuating ever since. Fueled by coronavirus pandemic and shortages of semiconductors, cryptocurrencies saw a significant rise in cost, with Bitcoin jumping to $63,000 in 2021. These changes affected the rate of malware creation, as well as prices for Nvidia and AMD video cards.^[4]

Ways hackers spread the infection

Usually, a miner can infect your computer with the help of a dropper – software, the purpose of which is installing malware on users’ devices.

You can get infected with a dropper when you download pirated versions of games or applications. Sometimes droppers can also be installed with key generators or cracks for software. These type of malicious executables are usually encountered on Peer-2-Peer networks^[5] and other file-sharing websites.

When you open the downloaded file, the malicious dropper is activated, which then consequently downloads a miner onto your device. Additionally, it makes sure your system does not notice the miner by also downloading malware that makes the miner very difficult to notice. Besides, crooks often use legal crypto mining software but use it for unlawful purposes.

Another type of illegal cryptocurrency mining comes from browser-based scripts. Quite often, criminals hack legitimate websites and inject cryprominers into them, making any user who visits the site to mine for crooks. Alternatively, bad actors can create their own websites and use such resources as adware to redirect victims to those.

The means to avoid miners

Crypto miners usually do not emit any signs or symptoms per se, but the ones that can be noticed are excessive fan usage, high CPU usage, and computer overheating issues. Due to this, the performance of the device can suffer as well, resulting in poor user experience.

Unfortunately, these type of symptoms might be easily confused with breaking or outdated hardware issues. Therefore, it is crucial to monitor the device's performance and make sure it is not overheating. While CPU usage can be easily checked via the Task Manager, checking GPU usage might be a bit complicated, as third-party software is required for that. Nevertheless, there are plenty of free tools online available.

However, security experts advise to download and install security software that can track, detect, and eliminate malicious software. More ever, the real-time protection utility which specializes in web browsing protection will block the websites that have malicious code implemented in them.

To choose the best anti-malware program, you can visit Reviewedbypro.com, a website dedicated to fighting cybercrime. There you will find tons of security tool reviews and will be able to choose the application that suits your needs the most.

Obviously, the best solution would be not to get infected with crypto-malware in general. We suggest you follow these tips:

• Install security software with real-time protection feature;
• Do not open suspicious attachments or click on links inside emails coming from unknown sources;
• Update your system and software as soon as security patches are released;
• Avoid using high-risk websites, such as gambling, online dating, porn, torrent, and similar;
• Do not click questionable links and pop-ups;
• Scan executables with the security tool before opening them;
• Use strong passwords for all your accounts.