[MART] - Daily Diary #417 - Malware Types - Crypto(currency) Miners

CTAS-MAT ctas-mat at appgate.com
Wed Dec 22 20:33:14 UTC 2021


I hope everyone is doing well!

Below is the entry for today.

12/22/2021 - Diary entry #417:

Today we will continue our thread on Malware Types, started in Daily Diary #328, by talking about crypto miners.

Since the Bitcoin boom, cybercriminals have seen cryptocurrencies as an opportunity to profit. While crypto enthusiasts were building mining operations that could turn a profit even with the hardware and high energy costs, cybercriminals started building malware to mine cryptocurrencies at the expense of others.

In the beginning, crypto miners were very simple, just instantiating mining software on the infected machine and sending the profit to the attacker's account. This very simplistic approach was too easy to spot: users often noticed their machines running slowly and sometimes even reaching temperatures dangerous for the hardware, due to the intensive CPU/GPU use the mining process requires. When Bitcoin became too hard to mine using common hardware, cybercriminals quickly moved to more profitable currencies like Monero and Ethereum.

Today crypto miners are much more evolved, operating stealthily without using all the hardware capacity, so they don't cause the systems to be slow or the temperature to increase too much. Sometimes they even shut down for a while to avoid being detected.

Crypto mining operations can be more profitable than ransomware in the long run. Even though regular computers are not efficient at mining cryptocurrencies, attackers can still profit after infecting a large number of them. In comparison with ransomware, these attacks are rarely disrupted by law enforcement, given that they are considered less dangerous and generate less financial harm.

Kind Regards,



Felipe Tarijon de Almeida
Malware Analyst

E: felipe.tarijon at appgate.com
O: +55 11 97467 9549
