Malware spotlight: Crypto-jacking

Introduction

In this article, we will explore crypto-jacking, a growing malware-based epidemic in the cryptocurrency realm. Before understanding this threat, though, it is necessary to understand more about cryptocurrency and cryptocurrency mining.

What is cryptocurrency?

Cryptocurrency refers to digital money that can exist in a secure and decentralized form. It can be purchased, transferred and/or sold securely using blockchain technology, which uses cryptography to encrypt and protect data that helps in identifying and tracking cryptocurrency transactions. 

Unlike traditional money, cryptocurrency is not managed or backed by an authorized third party, such as a government or bank. Rather, cryptocurrency transactions are verified by the network of computers that are not affiliated with any single server.

What is cryptocurrency mining?

Cryptocurrency mining is the process in which transactions between users are verified and then added into a blockchain public ledger. The mining process is also responsible for adding new coins into the existing circulating supply and is one of the basic factors that allow cryptocurrencies such as Bitcoin or Litecoin to work as the peer-to-peer decentralized network without the need for any central third-party.

The control and security of this network are maintained by miners, or crypto-miners — the people who mine coins.

What is cryptocurrency-mining malware?

Cryptocurrency-mining malware, also known as crypto-jacking, is malicious software that penetrates people’s devices (e.g., smartphones, tablets, computers or even servers) to secretly mine cryptocurrency without users’ explicit permission.

Threat actors do not build a dedicated crypto-mining network. Instead, they use cryptocurrency-mining malware to hold control of the resources of a victim’s computer, usually a CPU and memory resources. When all resources are added up, hostile actors can compete against sophisticated crypto-mining operations.

Since crypto-jacking only uses CPU power, it may go unnoticed on a computer. As a result, your CPU will soon (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Fakhar Imam. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/IvVSOqpzwDE/