Why Bitcoin and Other Cryptocurrencies Spell Trouble for Cybersecurity


Guest Contributor: Jeremy Moskowitz

Last year, Merriam-Webster added the word “Bitcoin” to the latest version of its authorized Scrabble dictionary. As the most recognized form of cryptocurrency, bitcoin has become embedded in our vocabulary thanks to the barrage of media stories outlining its ascension to financial investment stardom in 2017. Those lucky enough to get in at the right time saw their digital wallets swell as the price of Bitcoin and other cryptocurrencies seemed to have no limit. But last year, fortunes reversed for many who had put their hopes on this new digital form of gold. Many investors had only a vague understanding of what cryptocurrency was and certainly didn’t realize that Bitcoin is just one of over 1,600 cryptocurrencies today. So while it may be the only cryptocurrency you can use in Scrabble, there are many others that have made investors rich.

The Dirty Business of Cryptomining

There are ways to make money from cryptocurrency other than buying the digital coins and waiting for the price to go up. Cryptocurrency is an alternative, decentralized currency not affiliated with any government. It is supported by a technology called “blockchain,” which is a digital ledger of economic transactions between parties that can be openly verified across peer-to-peer networks. Blockchains are created by individuals called “miners” who use powerful computer systems to solve the required, computationally intensive mathematical tasks. In exchange for creating and managing the ledgers, miners get a share of the cryptocurrencies they mine.

This is called cryptomining, and it is difficult to make money this way, just as it is with traditional mining. Effective cryptomining requires a lot of computer processing power, which doesn’t come cheap. An alternate, illicit approach exists for those willing to go that route. There are miners who will conscript the systems of others to do the mining. Essentially, they hijack your computer, an act called cryptojacking. One computer alone doesn’t have the necessary resources to mine cryptocurrency, but when employed alongside thousands of other compromised devices, you are on your way.

A Cryptocurrency Called Monero

Besides Bitcoin, another popular cryptocurrency is Monero. It has a somewhat taboo reputation because cybercriminals use it for its anonymity features. For those same reasons, it is also popular amongst cryptojackers. Researchers estimate that $57 million was mined by cryptojackers over the past four years. That is equal to 4.3% of all Monero in circulation today. While legitimate cryptocurrency miners may make as little as $12 per day, illegitimate miners can make much, much more since they don’t have the burden of paying for their own hardware.

Compromising Your Computer

So how does your computer become compromised and make the secret, illicit miners money? Well, there are two ways. The first involves cryptomining malware, which dethroned ransomware as the #1 malware threat in 2018. Phishing attacks are a primary delivery method for this malware nuisance, which robs your computer once a user clicks on something. To further complicate the threat, cryptojackers also package added malware droppers that then serve as a deployment means for more types of malware, including banking trojans like Emotet.

Unfortunately, these malicious miners don’t have to depend on you to click on an embedded link or email. You can contract this resource-robbing nemesis on legitimate websites. Hackers inject JavaScript code into a webpage, and the code then hijacks the user’s browser session. This allows the system’s CPU power to be exploited and repurposed for mining. Closing your browser won’t help, as a small pop-up window is programmed to hide behind the taskbar or clock on a Windows computer. Even website owners are in on the deal. A company called Coinhive.com released its own mining code two years ago, targeting website owners who wanted to earn extra income without running intrusive or annoying advertisements on their websites. Prominent sites such as Pirate Bay and Showtime employed this questionable practice until discovered. Of course, most people would prefer annoying ads to having their computer performance completely stifled and their battery drained.
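A site owner can audit pages for the injected mining script described above. The following is an added example, not code from the original article: it scans a page's HTML for script tags that load from, or mention, a blocklisted miner host. The host coinhive.com comes from the article; the function names, the sample page, its paths and the "cdn." subdomain are constructed for illustration.

```javascript
// Added example: flag <script> tags that load from, or reference, a miner host.
// coinhive.com is the host named in the article; extend the list from your own feed.
const MINER_HOSTS = ["coinhive.com"];

// Match the blocked domain itself or any subdomain, but not lookalikes
// such as "notcoinhive.com" or "coinhive.com.example.org".
function hostMatches(host, blocked) {
  return host === blocked || host.endsWith("." + blocked);
}

function findMinerScripts(html, pageUrl, blockedHosts = MINER_HOSTS) {
  const findings = [];
  const scriptTag = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = scriptTag.exec(html)) !== null) {
    const attrs = m[1];
    const body = m[2];
    const src = /\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i.exec(attrs);
    if (src) {
      // External script: resolve relative and protocol-relative URLs first.
      const raw = src[1] ?? src[2] ?? src[3];
      let host;
      try { host = new URL(raw, pageUrl).hostname.toLowerCase(); } catch { continue; }
      if (blockedHosts.some(b => hostMatches(host, b))) {
        findings.push({ kind: "external", host, src: raw });
      }
    } else {
      // Inline script: substring heuristic for loaders that build the tag at runtime.
      const hit = blockedHosts.find(b => body.toLowerCase().includes(b));
      if (hit) findings.push({ kind: "inline", host: hit, src: null });
    }
  }
  return findings;
}

// Constructed sample page (not real traffic): one clean script, one miner
// subdomain, one lookalike host, and one inline loader.
const SAMPLE_PAGE = `
<html><head>
<script src="/static/app.js"></script>
<script src="//cdn.coinhive.com/lib/miner.js"></script>
<script src="https://notcoinhive.com.example.org/x.js"></script>
<script>var s=document.createElement("script");s.src="https://COINHIVE.com/lib/m.js";document.head.appendChild(s);</script>
</head><body>Hello</body></html>`;

console.log(findMinerScripts(SAMPLE_PAGE, "https://example.org/"));
```

The regular expressions make this a triage heuristic; anything it flags deserves a manual look, and obfuscated loaders will need inspection of the page's actual network requests.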

Keeping Illicit Miners Away

If your computer is running slow and killing the resource-hungry process in Task Manager isn’t righting the ship, you may be infected. Like any malware, the only real way to cleanse your machine is with an endpoint solution. Keeping your devices, browsers, and OS fully patched and up to date is an essential step in prevention, as some recent cryptojacking strains utilize well-known exploits like EternalBlue, which continues to plague unpatched machines.

Every organization today needs both email security and web filtering as part of a multi-layer security strategy to protect users and their devices. Companies are also employing the practice of application whitelisting to ensure that only approved activity and applications are allowed on enterprise devices. There are also solutions that ensure executables and applications are permitted to run only when installed by an admin or approved user account. Personal users can use a safe browsing service at home for added insurance and make sure that the security settings within their favorite browser are configured accordingly. Taking cybersecurity hygiene seriously will help prevent these cryptomining threats from spelling trouble for you.

 

Jeremy Moskowitz founded PolicyPak Software after working with hundreds of customers with the same problem: they couldn’t manage their applications, browsers and operating systems using the technology they already utilized. Jeremy’s best-selling Group Policy books are on the desks of happy administrators everywhere. Jeremy was one of the first MCSEs in the world and has been designated an MVP in Group Policy by Microsoft for the last decade.