Hidden mining and botnets

Tom Grant
Last updated: 13 October

Cryptocurrency mining is an IT industry buzzword and a rapidly growing phenomenon. As part of this far-reaching trend, more and more people take up “mining,” or adding blocks to a blockchain and getting rewarded for it with cryptocurrency. In doing so, these miners come up with more and more ingenious ways, not all of which are legal, to earn the coveted coins. And some of the more enterprising “miners” have no qualms about doing this at your expense.

Contents
  • Why miners need your computer
  • How a hidden miner ends up on your computer
  • Scale of the problem
  • How to protect yourself against this threat

Why miners need your computer

We have written before about botnets and how hackers can turn your computer into a zombie and make it a part of a botnet. A network of such zombie computers can be used for a variety of purposes, including but not limited to cryptocurrency mining.

In layman’s terms, your computer becomes a part of a distributed network whose computing power is used to mine a cryptocurrency that ends up in the botnet owner’s pocket. Several thousand computers on a botnet can mine cryptocurrencies much more effectively than a single computer can. In the case of a mining botnet, victims also foot the electricity bill, making installing miner applications on the computers of unsuspecting users a very lucrative business for hackers.

Note that a rank-and-file user can install a miner application intentionally, to mine cryptocurrency on their own. Distinguishing legal mining from illegal activity is the challenge. The miner applications themselves are identical; what makes the activity illegal is that the application is installed and run covertly.

How a hidden miner ends up on your computer

In most cases, a miner ends up on a computer with the help of a purpose-built malicious application, a so-called dropper whose chief function is to secretly install another application. Droppers usually come under the guise of pirated versions of licensed products or activation key generators for them. Users look for this type of software on peer-to-peer networks and download it intentionally.

When the downloaded file is launched, an installer is deployed on the victim’s computer and in turn downloads a miner and a special tool that conceals it in the system. The application can also come complete with services that ensure its autorun and configure its settings.

For example, such services can suspend the miner when the user starts certain popular computer games. (The miner uses the computing power of the graphics card, and therefore, the game may start lagging and arouse the user’s suspicion.)

Such services can also attempt to disable antivirus products, suspend the miner when a system monitoring tool is running, and restore the miner if the user tries to delete it.
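The suspend-and-resume behaviour described above is itself a detection signal: a process that is busy only while no monitoring tool or game is running stands out in per-minute load telemetry. The sketch below is an added example, not code from the original article; the process names, thresholds and telemetry snapshots are constructed assumptions.

```python
# Programs the article says hidden miners hide from: system monitors and games.
# These file names are illustrative assumptions, not taken from the article.
WATCHED = {"taskmgr.exe", "procexp.exe", "game.exe"}

# Constructed telemetry: one snapshot per minute, {process name: load percent}.
SAMPLES = [
    {"svchelper.exe": 93, "browser.exe": 7, "encoder.exe": 88},
    {"svchelper.exe": 95, "browser.exe": 4, "encoder.exe": 90},
    {"svchelper.exe": 0, "browser.exe": 6, "encoder.exe": 91, "taskmgr.exe": 2},
    {"browser.exe": 5, "encoder.exe": 87, "taskmgr.exe": 1},
    {"svchelper.exe": 94, "browser.exe": 9, "encoder.exe": 89},
    {"svchelper.exe": 1, "browser.exe": 3, "game.exe": 70},
    {"svchelper.exe": 96, "browser.exe": 5},
]


def find_evasive_processes(samples, watched=WATCHED, busy=60, idle=5,
                           min_cycles=2):
    """Map each suspicious process to the number of times a watched program
    appeared while that process was busy only when nothing was watching."""
    # True for snapshots in which a monitor or game is running.
    observed = [any(p in snap for p in watched) for snap in samples]
    # Count transitions from "nobody watching" to "watched program started".
    cycles = sum(1 for prev, cur in zip(observed, observed[1:])
                 if cur and not prev)
    if cycles < min_cycles:
        return {}  # too few transitions to call it a pattern

    names = {n for snap in samples for n in snap} - set(watched)
    flagged = {}
    for name in sorted(names):
        # A suspended or stopped miner may vanish from the process list,
        # so a missing entry is treated as zero load.
        loads = [snap.get(name, 0) for snap in samples]
        hidden = [l for l, o in zip(loads, observed) if o]
        exposed = [l for l, o in zip(loads, observed) if not o]
        # Always busy when unobserved, always quiet when observed.
        if min(exposed) >= busy and max(hidden) <= idle:
            flagged[name] = cycles
    return flagged


if __name__ == "__main__":
    print(find_evasive_processes(SAMPLES))
```

A legitimately heavy process such as the constructed `encoder.exe` is not flagged, because it stays busy while the monitor is open.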

Scale of the problem

Hackers distribute such applications as a service. They use Telegram channels devoted to online work opportunities; you might come across ads offering trial versions of such droppers for distributing a hidden miner.

To give you an idea of the scale of this phenomenon: Our experts recently detected a botnet consisting of an estimated several thousand computers on which the Minergate miner was secretly installed. It mines not the highly popular bitcoin but mostly cryptocurrencies, such as Monero (XMR) and Zcash (ZEC), that allow transactions and wallet ownership to be concealed. The most conservative estimates reckon a single mining botnet can fetch more than $30,000 per month. More than $200,000 passed through the wallet used by the botnet our experts detected.

Monero wallet, used by criminals, mentioned above. Monero’s current exchange rate is about $120

How to protect yourself against this threat

Kaspersky Internet Security protects you against malicious droppers by default. Just make sure that your AV application is on at all times and this malware won’t stand a chance of infiltrating your computer. If for some reason you deactivate AV and run a manual scan after becoming suspicious, Kaspersky Internet Security will immediately detect this full-fledged Trojan and prompt you to get rid of it.

Unlike droppers, miners are not malicious applications, as we mentioned earlier. That’s why they fall into our riskware category — software that is legitimate but can be used for malicious purposes (you can find more details on what’s included in this category here). Kaspersky Internet Security does not block or remove such applications by default; a user may have installed them on purpose.

If you prefer to err on the side of caution and are certain that you won’t be using miners and other riskware, you can always open Kaspersky Internet Security’s settings, find the Threats and Exclusions section, and select the check box by Detect other software. Last but not least, scan your system regularly: Your security solution will help you avoid installing and running any unwanted applications.


Source: kaspersky.com


TAGGED: Malware, PoC, Riskware, Security, Software, Threat, Threats, Trojan, Vulnerabilities
Tom Grant October 13, 2022 October 7, 2022