Cylance vs. Cryptocurrency Malware

Background

It’s not news that cybercriminals can use malware to steal items of value. Whether it’s encrypting your personal family photos and charging you a ransom to get them back, or targeting ‘big ticket’ items like unreleased Disney movies or popular TV shows (illustrated in this week’s hack of HBO, potentially compromising future episodes of Game of Thrones), anything of value is a potential target.

One area experiencing explosive growth and ever-increasing value in recent years is cryptocurrency. Cryptocurrencies such as Bitcoin, Ethereum, and other altcoins have seen a huge increase in popularity and adoption among users and service providers. These currencies represent nearly $100B of market capitalization and continue to rise through Initial Coin Offerings (ICOs).

With this growth comes unwanted interest from the dark side of the web. Cybercriminals and malware authors are waiting to pounce to get their share, and their tactics are growing ever more sophisticated.

Watch the video: Cylance Versus Cryptocurrency Malware:



Why is This an Important Issue?

There are many ways that malware authors can get their hands on your cryptocurrency:

  1. Distribute ransomware and get paid with cryptocurrency
  2. Use cryptocurrency-stealing malware targeting digital wallets
  3. Compromise systems and use those resources for cryptocurrency mining

With the massive growth in computing power, both CPU and, more importantly, GPU, malware authors can use your computer to do their dirty work for them. Much like a botnet built from thousands of innocent computers hooked up to the Internet, cryptocurrency mining malware can leech CPU/GPU cycles from thousands of computers at once to mine cryptocurrency and deposit the funds into the author’s digital wallet.

How Can I Get Infected?

Using social engineering techniques, cryptocurrency malware is usually delivered to the user as an executable file – see the example in the video above. The (Read more...)

This is a Security Bloggers Network syndicated blog post authored by The Cylance Team. Read the original post at: Cylance Blog