The Rise of Crypto Malware

Could your smart TV be mining cryptocurrency while you are watching “The Witcher”?

Crypto malware is a new form of malware that uses device processing power to mine crypto currency.  McAfee’s December 2018 Threat Report stated that crypto malware grew by 4000% in 2018 to over 3,000,000.  In 2019 the number of crypto malware attacks fell slightly, but crypto malware is still a hot trend. 

What is Malware?

The world malware is a combination of the words malicious and software.  Malware is harmful software with many different functions.  Viruses, worms, and Trojan horses are all considered forms of malware. 

What is Cryptocurrency?

Cryptocurrency is a form of currency that is created and maintained with a cryptographic algorithm.  These currencies exist outside of traditional banking and are exchanged through internet transactions. 

To explain how cryptocurrency works, let’s look at Bitcoin, the most popular cryptocurrency.  To protect against fraud, Bitcoin records every transaction in an ever evolving ledger called a blockchain.  These transactions are written to the blockchain by Bitcoin “miners”.  These miners use computers to process these transactions and update the blockchain in a process called “mining”.  In exchange, the miners receive new Bitcoin for their efforts. 

What Does Crypto Malware do?

Crypto Malware takes over a device and uses its processing power to “mine” cryptocurrency.  The cryptocurrency that is awarded for mining goes directly to the attacker. 

Attackers are motivated to keep this malware running as long as possible.  The longer the malware remains operational, the more mining is done for the attacker.  Crypto malware is designed to remain hidden.  It does this by only using a portion of the device’s computational power to perform mining.  Because it is only using a portion of the device’s computing power, the user might not notice a difference in performance.  Attackers will use many infected devices together to perform mining for as long as possible.  In fact, some crypto malware has been discovered to have been working undetected for years.

The Attacker’s Favorite Cryptocurrency: Monero

Monero was founded in 2014 and has a feature which stands out to attackers, it has mechanisms in place to protect coin owner’s privacy.  While coins like Bitcoin track all of their transactions, Monero coins can be freely exchanged for one another at any time.  This means that malicious actors can use these coins for criminal activities without fear of those activities being traced back to the attacker.  The attacker could simply exchange the ill-gotten coins seamlessly. 

Monero coins can also be mined using central processing units (CPUs).  Some coins, like Bitcoin, are best mined using graphics processing units (GPUs) rather than CPUs.  This means that Monero can be mined using smart devices that are easily recruited by attackers. 

Smart Device and the Internet of Things

Smart devices, like televisions, home assistants, doorbell cameras, and even refrigerators can be infected by malware just like any other device.  In fact, the security mechanisms on these devices are usually much weaker than standard computers.  Attackers are often able to compromise these devices by trying default usernames and passwords. 

Once a smart device is infected with crypto malware, it will mine for crypto currency just like any other computer.  So, while you might pass a coin to your Witcher, your smart TV might pass a coin to a hacker.

How to Protect Yourself

Attackers like to take advantage of default usernames and passwords on smart devices.  So, be sure to change the usernames and passwords of any devices that connect to your home network.  One vulnerable device can open up your entire network to malware attacks.

Install anti-virus and anti-malware on your home computers and laptops.  I recommend Malwarebytes anti-malware, which is a dedicated anti-malware program.  There is a free version that does a great job of detecting malware, such as crypto malware.

Also, install antivirus on your mobile devices.  Mobile devices are often overlooked when it comes to antivirus software.  Norton mobile security provides excellent protection with its free package and includes paid options.  Bitdefender mobile security is an excellent option but comes with a yearly fee. 

If you have an iPhone, you won’t need to install antivirus software.  Due to the nature of the iPhone’s operating system (IOS), antivirus software will not have the permissions needed to run effectively.  Even if you have antivirus software, IOS won’t grant full permissions to the software and it won’t be able to detect malware outside of the areas where it has permissions.  The best protection method is to simply keep the IOS updated.

As cryptocurrencies gain in popularity the cyber security community can expect to see more types of crypto malware and evolving attack methods.  Good security practices and properly trained security professionals are needed to keep systems and devices secure and free of malicious software like crypto malware. 

Related Articles