How can we be a victim of the crypto-currency yield without our consent

from 09/01/2020

Stilyan Stoichev, system architect on security at Kontrax AD, interview before the BNR.

The dynamics of the modern world accelerates the fast exchange of information, which is more easily accessible for us, but also more dangerous.

The screen of every mobile device offers many attractive and irresistible advertisements, offers and games. The bigger part of them are selected in a way that can influence our desires and emotions. However, this could be dangerous, if we do not apply the necessary caution and awareness about the new methods of attacking.

One of the new and “modern” attacks is through the yield of crypto-currencies. For this type of threat, the person even no need to know that they are taking part in the “yield”. The crypto-yield without our consent usually happens if the website we are visiting is compromised to inject malicious software for crypto-currencies. In most cases this malicious software is only a few rows, but could cause serious damages.

“After being set on the website, the visitors, without knowing, immediately start to extract crypto-currency on behalf of the cybercriminal, who has implemented it. Another method for this type of attack is in the form of executable file directed to the servers, and not the clients, but in both cases the result is the same – the computing resources are engaged entirely by the malicious software that directs the processor capacity to the yield process. And, of course, all the crypto-currency generated, which usually cannot be tracked, then shall be sent to the accounts of the cyber criminals" – explains Mr Stilyan Stoychev, security system architect at Kontrax AD.

Crypto-malware (malicious, dangerous software) viruses are a serious problem that requires the special caution by all, both end users and those servicing the small and medium business.

The trend we see is very disturbing. According to data published on https://publicwww.com/ more than 50 000 sites in the web space are infected with crypto-currency malicious software.

The impact of these attacks is always the same. The malicious software for crypto-currency uses the existing resources of the processes and directs them to the yield process. Considering the fact that some of these mining operations are carried out for months, then the affected users may see the effect of this influence for example, in the higher bills for electricity, the serious and not typical wear and tear of the hardware, loss of productivity and in some cases, serious physical damages on the devices. Mobile phones and tablets are very susceptible as they are not designed to operate with processor maximum capacity for a long period of time. When they are infected with crypto-malware, they can literally burn if left on the charging device.

Of course, all this becomes even harder due to the fact that some web sites often implement Coinhive (technology for using the machine resources) in browsers and openly ask for visitors consent as a legal way for generating income in exchange of content, games or other services – something that the information security engineers need to fight more often using policies that protect their IT infrastructure.

As with all processes related to the information and communication infrastructure, visibility and transparency are of key importance. “If you find out that a server or a computer operates at maximum capacity without a reason, then there is a problem. Often, however, it is not possible to register the exact threat, which means no contra-action could be undertook. And here is where the Monitoring software may provide a serious assistance. This is not a security instrument, but an addition to the entire transparency of the IT infrastructure. The software, can be used, except for monitoring for malicious software and botnets (network of infected devices), also for monitoring for phishing sites, which then can be reported to the hosting provider" – recommends Mr.Stoychev.

In addition to the security solutions every administrator must have an appropriate tool for full vision and coverage of the infrastructure, in order to be constantly informed about the condition of the networks, servers, end devices and their operability. These are the functions performed by the Monitoring software. It monitors all systems, devices, traffic and applications in the IT infrastructure without the need of additional plugins or downloads. Such solution is, for example, the PRTG solution – powerful and easy way for monitoring and analysis, suitable for any type of organization. The visualization it offers, the variety of reports and analytic functions, also through the mobile application, makes the software a reliable tool for monitoring and notifying in case of indications for a problem. Using this specialized software, you stay calm and comfortable that in any moment you are aware if there are potential threats and if you are the target of an attack. The only way to make the correct decision, is to response appropriately and to have sufficient and timely information.

 

This article is prepared by KONTRAX experts, a company with 27-year experience in the services related to the system integration and information security solutions. For details, please ask our expert at: www.kontrax.bg.