Move Over, Ransomware – Cryptomining is the New Top Tech Menace

Until recently, ransomware has been the main threat facing tech users. This type of malware, which locks up files and systems until users pay a ransom, has topped the charts as the most widespread and dangerous form of malicious code around.

Now there’s a new contender for that dubious honour: cryptominers. Cryptominers are pieces of code that utilise unused processing power to mine cryptocurrences such as Bitcoin, Litecoin or Monero. While this isn’t bad in itself, the fact that cryptominers can be stealthily inserted onto a user’s system without their knowledge makes them a legitimate threat.

Some cryptominers are intended to be downloaded onto a target device. These may be injected using other malicious code or may be bundled with software to be downloaded by the user. Notable offenders are torrent applications, which frequently come with cryptominer software built in. In other cases, the cryptominer code is designed to run in a user’s browser. This may be done openly – some websites have been experimenting with opt-in cryptomining as an alternative to conventional revenue sources like ads. More usually it’s done covertly, with the cryptominer concealed from the user through devious measures like pop-unders and windows that hide beneath the toolbar.

A large number of big-name anti-malware providers have begun actively blocking cryptominers and treating them as potentially serious hazards, due to the way in which they tie up processing resources. In the worst cases, rogue cryptominers can damage or even destroy a device by forcing the CPU (central processing unit) to run at full capacity for extended periods of time. Especially in older or poorly maintained systems, this kind of overuse can cause a device’s CPU to burn out.

In-browser cryptominers tend to produce poor returns – a recent report suggested that the biggest user of notorious cryptominer Coinhive made less than eight USD over the course of three months. Because of this, it’s likely that the browser-based cryptominer threat will diminish in the short to medium term. Much more lucrative are infections targeted at servers, which provide a significant amount of processing power to data-hungry cryptominers. Even smaller devices can still be useful, however, if the culprit can infect enough of them. Cryptominer infections have even been found on mobile platforms such as Android. While in-browser miners may be a passing fad, it’s likely that other forms of illicit mining malware will continue to proliferate.

To counter the threat, users are advised to follow standard anti-malware precautions:

• Take steps to prevent unauthorised access to devices, systems and websites.
• Run effective anti-malware applications and keep them properly updated.
• Keep reliable backups of all important files.
• Act immediately if a system seems slow or behaves oddly, ensuring that no unwanted programs are operating and running anti-malware checks.

It’s also a good idea to avoid installing programs with a poor security pedigree, such as pirated software or dubious packages such as torrent applications. Source your software from reputable providers and always check the small print before you install a new package.