Assessing the Dangers Caused by Cryptojacking - Security Boulevard

Cryptojacking, also known as crypto mining, is an online threat hidden on a computer or a mobile device, using its resources to mine for cryptocurrencies. While doing so, cryptojacking takes over control of all types of technical devices and considerably impairs their functionality. 

As malware goes, cryptojacking is a pretty nasty piece of work. The malware can infiltrate your computer without you knowing and once there, it makes itself right at home. It then proceeds to turn your machine’s processing power against you, using it to perform mathematical calculations to mine cryptocurrency for the hacker.

In the past, strong antivirus software has often worked well to limit infestation. However, there’s a new strain of malware that’s not only sliding under the radar but also spreading throughout networks to infest entire companies, without a single trace.

Varonis vs. Monero-crypto

This latest strain is known as the Monero-crypto-mining campaign and was exposed by the security force at Varonis following a spate of complaints from clients. Problems ranged from issues with slow networks to applications that would not stay open or function properly. Suitably perturbed, the cybersecurity force probed further and discovered classic signs of cryptojacking, including network alerts that were out of place and suspect file activity.

Things got even hairier when Varonis started going from station to station. The cybersecurity team discovered that almost every server and physical piece of hardware was infected. They also found evidence of corruption via password stealers. Clearly, the anti-malware software on these computers was failing and drastic action was required.

Further analysis led to the conclusion that the virus was a variant of the malware nicknamed “Norman”—a discovery that piqued the interest of security experts. This variant was not only mining Monero efficiently, but it was also able to remain undetected.

This proved to be a troubling development in the battle between malware and the systems designed to halt it.

How Norman Evades Detection

The first of its evasive tactics is a trick whereby the mining application shuts down when a user opens Windows Task Manager. As a result, the average computer user sees nothing suspicious. When Task Manager closes, the app reopens and gets back to work.

The malware also has the ability to communicate with an external command-and-control server, which allows the hacker to use the information received from the various instances of malware to analyze its performance. With this malware, the hacker can even shut down the virus or give it a different mission.

So far, it remains a mystery who installed it in the first place.

How to Protect Against Norman

To protect against Norman, companies need to close their security gaps. Many organizations are failing in this area. Operating systems and software need to be kept up-to-date by applying cybersecurity updates and patches as soon as they become available. Many hackers and cybercriminals are intimately aware of existing vulnerabilities in the largest operating systems and will go after them to exploit the lazy.

Another big security play for organizations is to monitor CPU usage. This is not often done daily with plugged-in workstation computers in a professional environment. It’s easier to recognize this sort of malware on a battery-powered device such as a smartphone, as the battery will drain quite quickly (CPU power is used with no obvious app open).
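The two points above, that the miner exits while Task Manager is open and that CPU usage should be monitored, can be combined into one check over telemetry gathered by a background agent rather than by someone watching Task Manager. This is an added example, not code from Varonis or from the original article; the snapshot format, the host names and the process name `svc_helper.exe` are constructed for illustration.

```python
from collections import defaultdict

# Constructed telemetry: (minute, host, process, cpu_percent), one row per
# running process per snapshot, as a headless agent might report it.
# "svc_helper.exe" and "render.exe" are made-up names, not real indicators.
SAMPLES = [
    (0, "ws-01", "svc_helper.exe", 92), (0, "ws-01", "outlook.exe", 3),
    (1, "ws-01", "svc_helper.exe", 94), (1, "ws-01", "outlook.exe", 2),
    (2, "ws-01", "taskmgr.exe", 1),     (2, "ws-01", "outlook.exe", 2),
    (3, "ws-01", "taskmgr.exe", 1),     (3, "ws-01", "outlook.exe", 4),
    (4, "ws-01", "svc_helper.exe", 91), (4, "ws-01", "outlook.exe", 3),
    (5, "ws-01", "svc_helper.exe", 93), (5, "ws-01", "outlook.exe", 2),
    # ws-02 runs a legitimately busy process that stays visible throughout.
    (0, "ws-02", "render.exe", 95), (1, "ws-02", "render.exe", 96),
    (2, "ws-02", "render.exe", 95), (2, "ws-02", "taskmgr.exe", 1),
    (3, "ws-02", "render.exe", 97),
]

def find_hiding_cpu_hogs(samples, high_cpu=80, min_high_samples=3):
    """Return sorted (host, process) pairs that are CPU-heavy in at least
    min_high_samples snapshots, are absent from every snapshot in which
    Task Manager is running, and are present both before and after it."""
    snapshots = defaultdict(lambda: defaultdict(dict))  # host -> minute -> {proc: cpu}
    for minute, host, proc, cpu in samples:
        snapshots[host][minute][proc.lower()] = cpu

    flagged = []
    for host, by_minute in snapshots.items():
        minutes = sorted(by_minute)
        watched = [m for m in minutes if "taskmgr.exe" in by_minute[m]]
        if not watched:
            continue  # no Task Manager session to correlate against
        candidates = {p for m in minutes for p in by_minute[m]} - {"taskmgr.exe"}
        for proc in sorted(candidates):
            seen = [m for m in minutes if proc in by_minute[m]]
            high = [m for m in seen if by_minute[m][proc] >= high_cpu]
            hides = not any(proc in by_minute[m] for m in watched)
            returns = min(seen) < min(watched) and max(seen) > max(watched)
            if len(high) >= min_high_samples and hides and returns:
                flagged.append((host, proc))
    return sorted(flagged)

if __name__ == "__main__":
    for host, proc in find_hiding_cpu_hogs(SAMPLES):
        print(f"{host}: {proc} is CPU-heavy and vanishes while Task Manager is open")
```

A process that is merely busy, like the one on the second constructed host, is not flagged; only the combination of sustained load and disappearance during Task Manager sessions is.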

The Future of Cryptojacking 

There’s no doubt that cryptojacking is a very real concern. The malware used to “mine” cryptocurrencies is sophisticated and saps processing power, which can cause network problems and impact on the electrical infrastructure of a company. Unfortunately, it looks as though cryptojacking will be with us for a while, so we must be vigilant and guard against malware wherever possible.

Charlie J. Powers
