[2018-12-03]Crypto Mining Malware has Become a New Way of Tricking Innocent User

[Vladdirescu87]

Crypto Mining Malware has Become a New Way of Tricking Innocent Users

Ransomware has always been the main means of getting access to easy money for cybercriminals. However, the tendency shifted since new powerful financial technology began to evolve. Cryptocurrency mining platforms, especially those focused on Bitcoin and Monero, have become the favourite victims of malware programs.

Read the details in the article of Coinidol dot com, the world blockchain news outlet: https://coinidol.com/crypto-mining-malware/

[Betwrong]

According to Kaspersky, the most frequently used digital currency by cybercriminals is Monero (XMR). The main reason for it is probably its anonymous algorithm. In addition, XMR is easy to sell, as it is accepted in most popular crypto exchanges. Thus, try to restrain yourself from buying anonymous virtual coins, such as Monero.

I don't understand. How's buying Monero or other privacy-focused altcoins can be dangerous? Also, how do they install malware on crypto mining machines?

And one more question, as long we are talking about this. Until recently there was was this message on the front page of The Pirate Bay:



But it is not there anymore. Does it mean they have stopped mining XMR or they have just decided to not warn you?

[BitMaxz]

I don't understand. How's buying Monero or other privacy-focused altcoins can be dangerous? Also, how do they install malware on crypto mining machines?

No, they don't but there are some malware that can steal your CPU usage and use for mining XMR. Some website could also steal your CPU usage every time you visit the site same as the pirate bay website.

And one more question, as long we are talking about this. Until recently there was was this message on the front page of The Pirate Bay:




But it is not there anymore. Does it mean they have stopped mining XMR or they have just decided to not warn you?

Old pirate bay has seized by FBI  that I think the original website is no longer work. There are many TPB clones which I think still have this script in their own website if you don't have adblocker or mining blocker in your chrome or firefox the script will steal your CPU usage and mine XMR. So if you don't experience high CPU usage your desktop or laptop when accessing the clone piratebay it means that they don't have this mining script and maybe it is another clone of other piratebay websites that don't know how to put the mining script in their own website.

[Lucius]

Coindol is once again discovered hot water, by writing about crypto malware which steals users CPU to mine in most cases Monero. But they did not write difference between mining scripts which run in browsers (when user visit site with such script and no protection), and classic and much more dangerous crypto malware which is installed on the user device as fake software or part of the original software.

Innocent users are not really innocent, they are just uninformed and live in ignorance. Only good antivirus with firewall and additional antimalware protection are enough to protect every internet user of such threats. Such security software is block any attempt of browser mining or downloading crypto malware on device, at least in my case.

[KryptoKai]

Although these are nasty they are not as nasty as a crypto locker virus. I think we'd all prefer it if criminals focused on this instead as it is still profitable for them but in a less destructive way for the end users.

[hatshepsut93]

Coindol is once again discovered hot water, by writing about crypto malware which steals users CPU to mine in most cases Monero. But they did not write difference between mining scripts which run in browsers (when user visit site with such script and no protection), and classic and much more dangerous crypto malware which is installed on the user device as fake software or part of the original software.

Innocent users are not really innocent, they are just uninformed and live in ignorance. Only good antivirus with firewall and additional antimalware protection are enough to protect every internet user of such threats. Such security software is block any attempt of browser mining or downloading crypto malware on device, at least in my case.

Antiviruses are not as good as we'd want, I wouldn't rely on them. For the browser, it's best to use both adblocker addon and no-script addon together, and only add very trusted sites as exceptions (youtube, google, etc.). As for software, usually miners and other malware comes with cracked software or just some shady sites. So, it's better avoid it, or at least do some research to use more or less trusted sources for cracked software. But what is more important than mining malware is to never use any crypto wallets on potentially unsecure machine, because crypto-stealing malware is far more dangerous.

[Lucius]

Antiviruses are not as good as we'd want, I wouldn't rely on them. For the browser, it's best to use both adblocker addon and no-script addon together, and only add very trusted sites as exceptions (youtube, google, etc.). As for software, usually miners and other malware comes with cracked software or just some shady sites. So, it's better avoid it, or at least do some research to use more or less trusted sources for cracked software. But what is more important than mining malware is to never use any crypto wallets on potentially unsecure machine, because crypto-stealing malware is far more dangerous.

Depends on what antivirus you are using, some free version are certainly not the best solution and also some paid versions sometimes can create more problems than benefits. I do not want to promote specific software I use, but it is all in one complete solution (AV+Firewall+Antimalware), and it is working perfect for years, with help of Malwarebytes Premium.

Every attempt to launch mining script is successfully stopped and every file is analyzed - so I think every user can be pretty well secured online with a very small investment. Of course, such software should be updated on a regular basis with latest antivirus/malware definitions.

As for the crypto wallets, only safe way for me is hardware wallet -  I do not trust any online or desktop wallet, even with all the precautions I take.

[Betwrong]

~

And one more question, as long we are talking about this. Until recently there was was this message on the front page of The Pirate Bay:




But it is not there anymore. Does it mean they have stopped mining XMR or they have just decided to not warn you?

Old pirate bay has seized by FBI  that I think the original website is no longer work. There are many TPB clones which I think still have this script in their own website if you don't have adblocker or mining blocker in your chrome or firefox the script will steal your CPU usage and mine XMR. So if you don't experience high CPU usage your desktop or laptop when accessing the clone piratebay it means that they don't have this mining script and maybe it is another clone of other piratebay websites that don't know how to put the mining script in their own website.

The TPB clone I currently use doesn't have such a warning and I don't experience high CPU usage so probably they don't mine XMR on users computers anymore. But still I have a question about the the situation we had in the past(and probably may encounter in the future). If I use such a site for 20-30 seconds to find a magnet link, and then I copy the link and close the site, does it mean that actually XMR is mined on my computer only for 20-30 seconds? I mean if what a TPB forum moderator once said was true,

“The time it takes to download a torrent is completely and utterly irrelevant. All you require from TPB is a magnet link. Open the site. Find a torrent. Click the magnet link. Close the site. End of miner”

then what could they gain from most users, who, most likely, were using the site the way I was?

[Lucius]

The TPB clone I currently use doesn't have such a warning and I don't experience high CPU usage so probably they don't mine XMR on users computers anymore. But still I have a question about the the situation we had in the past(and probably may encounter in the future). If I use such a site for 20-30 seconds to find a magnet link, and then I copy the link and close the site, does it mean that actually XMR is mined on my computer only for 20-30 seconds? I mean if what a TPB forum moderator once said was true,

“The time it takes to download a torrent is completely and utterly irrelevant. All you require from TPB is a magnet link. Open the site. Find a torrent. Click the magnet link. Close the site. End of miner”

then what could they gain from most users, who, most likely, were using the site the way I was?

The key to their earnings (through browser mining) lies in fact that most users still have a different habits then you. They stay a lot longer on the page looking for what interests them, so your 20-30 seconds of search for someone else can be 2-3 minutes or 20-30 minutes.

If you know what you want than it can be short visit, but from my personal experience I can tell that I need on average at least 5 minutes to pick what to download, even if know what I want. It is because I check other users comments, trying to find best file by size and number of seeds.

When all this is taken into account, there is still quite solid earnings for the remaining torrent pages which use mining scripts.