A new report from Kaspersky Lab has found that more than 1.65 million computers were targeted by cryptocurrency mining malware attacks in the first eight months of 2017. These attacks can turn a machine into a remotely-controlled mining device without the owner actually knowing about it.
The Russia-based cyber-security firm has only counted attacks on its own clients, so the total number is likely much higher. Also, they failed to disclose whether any of their customers were infected despite the Kaspersky protection.
What we did learn is that the number of attacks is on the rise; last year, Kaspersky has managed to detect a total of 1.8 million attacks, up from just over 700,000 mining malware attacks in 2014.
Botnets are to blame
These attacks are underpinning by several large-scale botnets dedicated to malicious mining activities.
“This results in threat actors receiving cryptocurrency, while their victims’ computer systems experience a dramatic slowdown,” the Kaspersky report reads. “Over the last month alone, we have detected several large botnets designed to profit from concealed crypto mining.”
Said botnets are nothing new; back in the days, they used to be focused on Bitcoin, but today a regular computer can’t mine the world’s first cryptocurrency. So they have turned their attention to scrypt-based altcoins, such as Monero, Dogecoin and Mincoin.
One of the newer botnets discovered this year was developed out of a US National Security Agency exploit that was leaked by a group of hackers known as the Shadow Brokers.
These hackers have discovered NSA’s so called “DoublePulsar” backdoor, which allowed the entry of a Trojan program that installs software to mine for cryptocurrency in the background of a user’s computer.
According to Wired’s report from April, tens of thousands of machines were impacted following the exploit’s release.
Not just Windows machines…
It used to be that only PCs running Windows were affected, but that is no longer the case, with owners of Linux-based machines also experiencing a taste of malware misery.
Symantec was able to identify a version of an old worm that used to target Linux-based routers and set-top boxes, and has ever since been revamped to work on PCs.
Called Darlloz, the worm seeks out Intel-based computers running Linux, installs the “cpuminer” program and sets the PC to mining for either dogecoins or mincoins.
Fortunately, the worm never managed to reach the wide adoption, most likely due to Linux users’ technical skills, though you never know — perhaps some newer version of this (or other) work manages to “reach” the wider audience.
Which leads us to our conclusion…
Conclusion: How to protect yourself?
It is rather straightforward to protect yourself from malware:
- Keep your Windows (any OS, really) and all (or most of) your software up to date.
- Make sure to run the latest version of an anti-malware solution.
- From time to time check your system performance and take note of any suspicious apps running in the background. Use Google to search for app names when you’re not sure what they do.
- Do not install apps from untrusted sources and do not open attachments from people you don’t know.
Malware attacks will continue, hackers will evolve and find new ways to beat you — all of us really. We can make it harder for them by following the few steps above…
On the bright side, there is a reason why these hackers want to take a part of your computer’s power — they too want to get into cryptocurrencies. You can join that trend legally; find the exchange you like, select a few coins and take it from there. Chances are, your investment will grow. Good luck! 🙂