TechViews News …..
The past few years have shown global news headlines on the massive ransom and spyware unloaded on both corporate and personal computers. Millions of names, personal identification data, as well as corporate secrets have been stolen. Additionally ransomware had taken over computers and demanded ransoms to allow users to re-gain access to their computers.
But a new threat has emerged and is showing to be just a big a problem: Cryptojacking. That’s where a website you visit intentionally drops a piece of Java Script on your computer that allows the website owners to secretly mine for cryptocurrency without your knowledge. In effect, they are using your computer’s resources to do their mining for them.
The end effect is that your computer’s use of resources can zoom upwards to 90% slowing your computer to a crawl. And now, the practice of surreptitiously mining cryptocurrency on other people’s hardware is becoming pervasive, overtaking ransomware as a tool of choice for extorting money online.
This week, cybersecurity firm Check Point published its regular Global Threat Index. It shows that Coinhive, a piece of software that uses processing power on someone’s device in order to mine cryptocurrency, has become the most prevalent form of malware on the Internet. Another piece of cryptojacking malware, called Cryptoloot, is now the third most prevalent.
The rogue software exploits the way many cryptocurrencies are mined in order to turn a buck. Bitcoin and many of its newer rivals are given as rewards for performing the computationally demanding cryptographic operations that underpin the transaction records of the currencies—a process known as mining. Steal someone’s computing power by embedding such code in websites or software, and you can make money. Steal enough, and you can make a lot.
“The problem,” explains Lotem Finkelstein, a threat intelligence analysis team leader at Check Point, “is that cryptojacking is simply everywhere—on websites, servers, PCs, and mobile.”
While the problem originally hit home users, Check Point says that it’s affected as many as 55 percent of organizations globally. This because an IT person in a business can easily insert the code that spreads throughout the company’s network, and boom, he’s making money off the usage of the corporate computer.
And it doesn’t even have to be the IT guy. A person sitting in a corner who understands how the script works can easily insert the code from his work station.
And now security researchers at Wandera claim instances on mobile devices increased by 287 percent between October and November of last year.
“It has become a more serious issue than ransomware,” says Finkelstein, referring to attacks like last year’s WannaCry and NotPetya, which lock up computers in exchange for payment.
Other security experts agree. Speaking at a cybersecurity conference in Cambridge, UK, on Thursday, Max Heinemeyer, director of threat hunting at cybersecurity firm Darktrace, said that he has also observed the practice increase massively in recent months. He, too, believes such attacks could overtake ransomware attacks in 2018 as a global security threat.
That’s because it presents a better return on investment for hackers. Mining cryptocurrency is more likely to guarantee an income: ransomware attacks often go ignored, whether because a user knows they can back up their device, can’t afford the ransom, or doesn’t understand how to pay (ransoms are often payable in cryptocurrency, which many people aren’t familiar with using).
It also allows hackers to make money surreptitiously. We counsel our clients that regular antivirus products should help many people identify and remove rogue mining software from their computers. But as this new threat gains in popularity, cryptojackers will improve on their code making it more difficult for current computer protection software to detect and remove. This will create a good vs. evil battle for computing power that will continue for years to come.
Be Safe – Backup Your Data Regularly!
And don’t forget to take advantage of our FREE subscription to the TechViews News Updates. You will receive all of our updates and posts the moment they are published.