There’s a new bad guy in town to go with malware, ransomware, and spyware. It doesn’t steal information, just computing power. It’s illicit crypto-currency mining.
“Mining” may need a bit of an explanation. Crypto-currencies like Bitcoin need to grow over time. The way it happens is by running very processor-intensive code which generates new Bitcoins or Monero or whatever the unit of currency may be. That’s called mining.
People dedicate whole server farms to this activity. Other, less honest people use someone else’s computers to do the work for them. They rely on the usual tricks, such as phishing email and security holes in Web servers, to plant their software. It then runs quietly, crediting the generated currency to the intruder.
This kind of malware doesn’t necessarily steal data, but it’s bad for the victim in several ways:
- It uses up processing power, slowing down the machine’s intended functions.
- It increases electrical power consumption, since active processing draws more electricity than waiting for something to happen.
- It can make the system less stable and cause crashes.
- It’s very hard to be sure it isn’t also stealing data, so an incident has to be investigated as a security breach.
- Even if it isn’t stealing data, it could be a conduit for installing other malware.
The Cost of Mining
One computer will generate just a few cents a day in crypto-currency, but a botnet of thousands of machines can add up to a significant amount of money, especially since the victims pay the electric bill.
Incidents of this kind have been happening at least since 2014, but lately they’ve been increasing at a high rate. Recently a hospital in Tennessee was hit by mining malware.
IoT devices are favorite targets, since many of them are easy to compromise and people aren’t likely to notice. The attack methods are mostly the same ones used for other forms of malware, and the security precautions are the same: Be careful with email, create difficult passwords, use anti-malware software, patch applications and operating systems regularly, and so on.
Mining software is usually harder to detect than other malware, since it doesn’t do obvious damage and doesn’t need to send a lot of information back. Listing processes by the amount of computing resources they use will reveal that something odd is going on. It’s one more thing to guard against in a world full of online threats.
Contact us to learn how we can help keep your systems safe in a dangerous Internet.