Cryptomining Malware: What You Need to Know

Remember ransomware? That’s sooo 2017.
Here in 2018, there is a new big cybercrime baddie in town: cryptomining malware, also referred to as cryptojacking, and it’s quickly stripping ransomware of its “king of malware” status.
So What do They Want From You???
Before we jump into some of the many reasons behind this increasingly popular and dangerous exploit’s explosive growth, let’s get down to brass tacks and dissect this new threat. The very first thing you’ll need to know is this: Cryptomining malware isn’t stealing money or data from you. It’s stealing your processing power in order to mine for cryptocurrencies such as Bitcoin or the more accessible Monero.
As the victim, what you’ll likely experience is slower performance. Sure, this might not sound so bad – “Hey, it’s just my CPU (central processing unit) they’re after!” But the truth is that using all that computing power will eventually lead to the early demise of your devices. Not to mention that attackers are using what is rightfully yours (your CPU) to get rich – really rich. Moreover, once attackers have a backdoor into your system, they can repurpose it whenever they please for something far more dangerous than its original purpose.
But to really understand cryptomining malware, you’ll have to understand a few things about cryptocurrencies in general. Lucky for you, a few months back we published a series of posts on the topic of cryptocurrency basics. We’ll go over some of the most pertinent points here, but if you still want more background, check out those posts.
What “Cryptocurrency Mining” Actually Means
Mining accomplishes two things – first off, it’s the process in which new transactions are validated and then added to the blockchain. The blockchain, if you recall back to our other post, is an incorruptible and public record of all transactions performed with a given cryptocurrency (actually, it can be used to validate and record just about anything digital but let’s focus on cryptocurrencies for now). Each time a transaction is requested, dedicated users, via computers called nodes, verify that the transaction request is legitimate and link it back to the previous transaction (that’s why it’s referred to as a blockchain). As a reward for their efforts, miners are granted a portion of whatever coin it is they are mining.
More importantly, for our purposes now anyway, mining is also how new cryptocoins are released. You may be wondering at this point why new coins need to be “released” as opposed to just being created and put into circulation. It turns out that although mining is a crazily complex process, it actually makes a lot of sense. Just like releasing too much traditional currency at one time can lead to inflation, crypto coins are released one at a time to prevent inflation, and therefore the devaluation, of the currency. In order to release new coins, highly complicated puzzles must be solved.
It takes a whole lot of CPU power to solve these numeric challenges, but the owner of the first computer to solve each one is rewarded with a shiny new cryptocoin.
Any law-abiding citizen interested in earning some extra dough can get in on the action by setting up the right hardware and software that is specifically built to handle the heavy computational load. And where Bitcoin is concerned, this is pretty much the only way to go about unearthing new coins. But other currencies such as Monero don’t require specialized anything – which means that attackers can use any computer to do their heavy lifting.
And then consider that it’s not merely one computer they have running on their racket – these guys have lots and lots of computers mining lots and lots of coins, which means they end up pulling in the big bucks – big time. Networking giant Cisco estimates that a Monero-mining ring can generate up to $500 per day, and in total, cryptomining rings are set to rake in about $100 million in 2018.
Shockingly, cryptojacking may not actually be illegal in some cases. Legitimate websites like have admitted to placing mining software on their users’ devices in exchange for allowing them to browse their site with an adblocker installed. The publisher claims that it’s a fair trade – users who opt to block ads, thereby denying them ad revenue, can make it up to them by allowing their CPU to be used as an alternate means of generating revenue. This is all a-okay if the end-user is aware and has agreed to what is taking place – but all too often, the user is unaware of the true ramifications of what they are agreeing to.
How Hackers get Their Paws on Your CPU
There are two basic ways attackers can usurp your computing power. The first is malvertising: ads displayed on websites that have been injected with malicious code. When you view the infected ad, it executes the malicious code, allowing attackers to take over your CPU. The other commonly used tactic is phishing. As in other phishing ploys, attackers send emails with infected links, and once you click on them, the malicious code begins to run on your computer.
It’s no great mystery why cryptojacking has begun to outrank ransomware as the exploit du jour. Considering that wannabe hackers can purchase ready-made cryptomining kits on the dark web for the equivalent of just a few dollars, it has become an easy and fast way to make a nice chunk of change. Moreover, victims may never even notice that they have been hacked and so their devices may remain hijacked indefinitely – until they run out of CPU, that is.
How to Prevent Cryptomining on Your Devices 
It may seem kind of impossible to prevent something you may not even notice but there are a few ways you can protect your devices from being hijacked:
Use a cryptomining blocking extension – Open source tools like MinerBlock and NoCoin detect the presence of mining software on websites. If you try to access a website running such software, the extensions alert you.
Install an adblocker – Like we mentioned above, cryptomining malware is often delivered via malvertising campaigns. Using an adblocker prevents those (and all) ads from running on your device in the first place.
Install a capable antivirus and antimalware suite – Reason detects and blocks cryptomining, along with everything else that could damage your digital security.
Prevent JavaScript from running – Most miners use JavaScript, so block scripts from running with extensions like ScriptSafe or NoScript.
Patch and update everything – Yes, yes, we know you’ve heard it a million times but it’s still true: keeping your software and OS patched and updated is one of the best ways to prevent any kind of unwanted infiltration.
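As an illustration of the blocking-extension item above, here is one way a page's scripts can be checked against a domain blocklist. This is an added example, not the code of MinerBlock or NoCoin; the blocklist hosts, the sample page and all function names are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed blocklist: placeholder hosts, not real miner infrastructure.
BLOCKLIST = {"miner.example", "pool.coin-cdn.example"}


class ScriptCollector(HTMLParser):
    """Collects the src attribute of every <script> tag in a page."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src") if tag == "script" else None
        if src:
            self.sources.append(src.strip())


def is_blocked(host, blocklist=BLOCKLIST):
    """True if host is a blocklisted domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    # Match on label boundaries so "notminer.example" does not hit "miner.example".
    return any(host == d or host.endswith("." + d) for d in blocklist)


def find_miner_scripts(page_url, html, blocklist=BLOCKLIST):
    """Return absolute URLs of scripts loaded from blocklisted hosts."""
    collector = ScriptCollector()
    collector.feed(html)
    hits = []
    for src in collector.sources:
        absolute = urljoin(page_url, src)  # resolves relative and //host URLs
        if is_blocked(urlsplit(absolute).hostname, blocklist):
            hits.append(absolute)
    return hits


# Constructed sample page for the demonstration.
SAMPLE_HTML = """
<script src="/static/app.js"></script>
<script src="//cdn.miner.example/lib/worker.js"></script>
<script src="https://notminer.example/analytics.js"></script>
<script src="https://pool.coin-cdn.example/m.js" async></script>
"""

if __name__ == "__main__":
    for url in find_miner_scripts("https://news.example/article", SAMPLE_HTML):
        print("blocked:", url)
```

A blocklist only catches hosts someone has already reported, which is why the list above pairs it with ad blocking, script blocking and an antimalware suite.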
Cryptomining is still in its infancy – but it’s already everywhere you turn and it’s only going to get worse. Now is the time to make sure you’re aware and protected.