Saturday, April 13, 2024

Cryptocurrency Mining Disadvantages

The misuse of corporate resources

We have detected a series of incidents involving employees who deliberately installed cryptocurrency (BTCP Wallet) mining software on their business devices for personal gain. The unscrupulous employee does not have to pay for the electricity required to run the equipment he uses at work: his employer pays for it. He therefore converts this electricity into cash by commandeering it for mining.

This type of behavior is often considered a violation of compliance rules, and the mining program expands the attack surface of the devices it runs on. It puts the company's devices at risk and increases operating costs, because equipment used for mining generally consumes more electricity. Over the past twelve months, the cryptocurrencies most often involved in this type of activity were Ethereum and Monero, two altcoins whose mining can generate profits without causing excessive increases in energy expenditure.

Coinhive, the script that mines cryptocurrency at the expense of Internet users

Coinhive is a technology that allows the owner of a website to appropriate the computing power of their visitors’ devices to mine a tiny fraction of cryptocurrency (BTCP Wallet) for their own benefit. During their visit to the infected site, Internet users see resource consumption on their computers rise slightly. Some websites are testing this model because they see it as an alternative to advertising and banner insertion for generating revenue.

Coinhive is usually used without the prior consent of visitors. We screened several devices from customers who regularly visit sites that take advantage of this technology. While the increase in a device's electrical consumption while browsing one of these sites is in itself negligible, it is enough for a large share of the staff to visit sites using Coinhive without knowing it to increase the power consumption of the whole business, and the expenses that go with it.

The malicious employee

A malicious employee compromised his employer’s website by injecting a Coinhive script. This small program then exploits the resources of every visitor to the website to generate Monero for the benefit of the unscrupulous employee.
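
The Coinhive sections above describe a miner script that ends up in a site's pages, sometimes injected without the owner's knowledge. As an added example (not code from the original article), this Python check audits a page for script tags loaded from hosts outside an approved list and for Coinhive markers; the approved hosts, the sample page, the `.invalid` host and `startCoinhiveMiner` are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption (constructed): hosts this site is approved to load scripts from.
ALLOWED_SCRIPT_HOSTS = {"www.example.com", "cdn.example.com"}
# Case-insensitive marker, taken from the miner the article names.
MINER_MARKERS = ("coinhive",)
# Constructed sample: the ".invalid" host and startCoinhiveMiner() are made up.
SAMPLE_PAGE = """<html><head>
<script src="/js/app.js"></script>
<script src="https://static.coinhive.invalid/miner.js"></script>
<script>startCoinhiveMiner("PLACEHOLDER_KEY");</script>
</head><body>Welcome</body></html>"""

class ScriptAuditor(HTMLParser):
    """Collects external script URLs and inline script bodies from a page."""
    def __init__(self):
        super().__init__()
        self.external, self.inline, self._in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            src = dict(attrs).get("src")
            if src:
                self.external.append(src)

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script and data.strip():
            self.inline.append(data.strip())

def audit_page(html, page_host):
    """Return (reason, evidence) findings for scripts that should not be there."""
    auditor = ScriptAuditor()
    auditor.feed(html)
    auditor.close()
    findings = []
    for src in auditor.external:
        host = urlparse(src).hostname or page_host  # relative URL: same host
        if host not in ALLOWED_SCRIPT_HOSTS:
            findings.append(("unapproved-script-host", src))
    for text in auditor.external + auditor.inline:
        if any(marker in text.lower() for marker in MINER_MARKERS):
            findings.append(("miner-marker", text[:80]))
    return findings
```

Run against every published page after each deployment, the host allowlist catches an injected loader even when its name does not match a known marker.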

The classic malware

Cybercriminals continually seek to improve the return on their business. Several studies suggest that they are starting to adapt their monetization methods to the financial resources of their targets. You cannot afford to pay the amount demanded by ransomware? Too bad, they will install a mining program on your device to make sure they get something out of it.

Hackers are creating increasingly sophisticated programs, capable of acting in stages and changing their payload. Once a piece of malware has successfully infected a system, its authors can often decide how best to exploit the intrusion. Is it in their interest to encrypt the device's data and demand a ransom? To set up a Trojan horse to collect banking information? To deploy other spying modules to try to extract data? Added to these options is the ability to install a cryptocurrency mining program.

These malicious programs are so stealthy that they usually go unnoticed for weeks. The infection can arrive via a simple phishing e-mail with a document containing a macro. As soon as a user enables the macro, the program downloads a fileless script that is injected into RAM and remains undetectable by a conventional antivirus. Its control and communication functions are mostly managed via IP addresses that are renewed daily to escape threat detection systems and blacklisting attempts. And as no visible damage is caused at first, these attacks often remain invisible for long periods, as long as the

This phenomenon is all the more worrisome because malware creators can now change their payload overnight if they believe another operation would be more profitable for them. They can turn a Trojan whose initial goal was to mine cryptocurrency discreetly into ransomware. Although we have not yet seen an attack of this kind in the wild, the scenario is quite plausible. And in the virtual world, what is feasible always ends up being done.
