A cryptocurrency, a subset of alternative digital currencies, is an online form of payment: a funds exchange that uses cryptography to secure transactions and to control the creation of additional units of the currency.
If you would like more information on digital currency, TechCrunch authored a series of short videos on the subject: “What is bitcoin? What is the blockchain? How does it work? Who is behind it? Find the answer to all of these questions and more by tuning into the six-episode series Trust Disrupted: Bitcoin & the Blockchain.”


Ransomware thrives on not being traced. Cryptocurrency payments are difficult to trace, which allows criminals to procure and offer services and extort money using bitcoins on a much larger scale than in the past. Bitcoin in particular continues to be favored for paying for cybercrime services or extorting victims, since bitcoin is difficult (and getting close to impossible) to mine.

Coin Mining

In coin mining, the cryptocurrency itself is the target. Many threats have used coin-mining viruses on infected systems to steal cryptocurrencies, robbing the victim by utilizing the free CPU resources of each infected machine. As the IT industry evolved against these types of threats, coin mining, specifically for Bitcoins, became increasingly difficult and stopped being profitable. Ransomware took over as the more attractive option.

But coin mining is such a desirable concept for cybercriminals, it was inevitable for a new malware family to emerge and master the mining of the new types of cryptocurrency. In this digital world, there is a plethora of other digital currencies that are significantly less difficult to mine, compared to Bitcoin. Many of them have very good cryptographic protections, which can effectively hide their users. One of these cryptocurrencies is Monero.

Monero is a new digital cryptocurrency that has very good cryptographic protections and can effectively hide its users. It is also easier to mine than Bitcoin, making it a profitable process for cybercriminals. Sophos researchers found a malicious program, Mal/Miner-C, which infects Windows computers and takes over their CPUs and GPUs to generate Monero.
Mal/Miner-C is being spread around and hosted on publicly available servers. Consider this: thousands of Seagate NAS boxes host cryptocurrency mining malware. If configured for remote access (and many businesses do so), the data storage devices expose a writable FTP directory to the Internet that cybercriminals can attack. Default and weak credentials, or the use of anonymous accounts, practically guarantee that the attacker can log in, verify that they have write access and spread the malware to all of the available directories on the affected server.

In their research on Cryptomining Malware on NAS Servers, Sophos counted 1,702,476 individual detections of the Mal/Miner-C threat over the first half of 2016, from about 3,000 systems. Most of the affected systems were FTP servers that hosted multiple copies of the malware in different directories.
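The pattern described above, the same file copied into many directories of a share, is something an administrator can check for on their own storage. The following is an added example, not code from the original page or from the Sophos research; the function names, the three-directory threshold and the sample files are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict


def sha256_of(path, chunk_size=65536):
    """Hash a file in chunks so large files on a NAS share do not exhaust memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_replicated_files(root, min_dirs=3, min_size=1):
    """Return {sha256: sorted directories} for content present in >= min_dirs directories."""
    dirs_by_hash = defaultdict(set)
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                if os.path.islink(path) or os.path.getsize(path) < min_size:
                    continue  # skip symlinks and empty placeholder files
                dirs_by_hash[sha256_of(path)].add(os.path.relpath(dirpath, root))
            except OSError:
                continue  # unreadable file: skip it rather than abort the audit
    return {h: sorted(d) for h, d in dirs_by_hash.items() if len(d) >= min_dirs}


def build_sample_share(root):
    """Constructed sample data: one payload copied into every folder, plus unique files."""
    payload = b"constructed stand-in for a dropped executable"
    for folder in ("docs", "photos", os.path.join("photos", "2016"), "backup"):
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        with open(os.path.join(root, folder, "dropped.bin"), "wb") as fh:
            fh.write(payload)
        with open(os.path.join(root, folder, "notes.txt"), "w") as fh:
            fh.write("unique content for " + folder)
    return hashlib.sha256(payload).hexdigest()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as share:
        build_sample_share(share)
        for digest, folders in find_replicated_files(share).items():
            print(digest[:16], "found in", len(folders), "directories:", folders)
```

Legitimate backups and templates also produce duplicates, so a hit is a lead for manual review of the file, not a verdict.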

The research used an internet scanning engine called Censys to identify public FTP servers that allow anonymous access with write privileges:

  • 2,932,833 IP addresses of FTP servers were included in the original list
  • 2,137,571 FTP servers were active during the test
  • 207,110 active servers allowed anonymous remote access
  • 7,263 active servers had write access enabled
  • 5,137 servers were contaminated with Mal/Miner-C

Here is food for thought: the researchers discovered that a staggering 70% of active FTP servers with anonymous remote access and write access enabled had been contaminated with Mal/Miner-C.

Vulnerabilities in currency apps

Vulnerabilities and flaws are not limited to servers. End users have to be aware of potential issues with currency apps. Here is a good example: MWR Labs recently announced A Cross-Site Request Forgery Vulnerability in Monero SimpleWallet, allowing attackers to steal remotely and directly from users with a minimal amount of social engineering.
Monero responded with a Statement on the MWR Labs Disclosure, more of a rebuttal, really, stating that “it is not a flaw in Monero, or in the implementation or in cryptography… since monero-wallet-cli does not enable RPC mode by default, there is nothing that is vulnerable in it unless the user actively enables a setting that allows for someone to remotely control the wallet.”


What should you do to protect your digital currency?

Vulnerabilities continue to be discovered in digital currency and in the devices and software that enable its use. If you or your organization depends on the use of digital money, you must take every single precaution to make sure your data, your network, and your finances are safe.
As with any kind of online activity, common sense is important. There is no silver bullet that will guarantee your currency is safe, but there are a few things you can do.
  • Do not keep too much digital currency on one device at one time.
  • Just like with computer backup, store a backup of your digital wallet in a secure place, in case of loss, computer failures or human error.
  • Basic antivirus may not be effective against sophisticated coin mining attacks. Make sure you are using the top-of-the-line antivirus software on your computer network.
  • Investigate software you are going to be, or are already using; stay educated about options you are choosing when working online, and use layered security.
  • Make sure your entire business uses professional computer network services, keeping your organization’s data and assets secure, protected, and operational.
  • Make sure your vendors are reputable, and that they are practicing cybersecurity. Question them about the state of technology being used.


The increasing number, and amounts, of digital currency thefts remind us that the legitimacy of vendors and safe, reliable cyber currency storage are very important. Implementing even these basic security and backup precautions can greatly increase your digital currency security.