A cryptocurrency, a subset of alternative digital currencies, is an online form of payment: a funds exchange that uses cryptography to secure transactions and to control the creation of additional units of the currency.
Ransomware thrives on not being traced: cryptocurrency payments are difficult to trace, and that allows criminals to procure and offer services and extort money using bitcoins on a much larger scale than in the past. Bitcoin in particular continues to be favored for paying for cybercrime services or extorting victims, since bitcoin is difficult (and getting close to impossible) to mine.
In coin mining, the cryptocurrency itself is the target. Many threats have used coin-mining viruses on infected systems to steal cryptocurrencies, robbing the victim by utilizing the free CPU resources of each infected machine. As the IT industry evolved against these types of threats, coin mining – specifically for Bitcoins – became increasingly difficult and unprofitable. Ransomware took over as the more attractive option.
But coin mining is such a desirable concept for cybercriminals that it was inevitable for a new malware family to emerge and master the mining of new types of cryptocurrency. In this digital world, there is a plethora of other digital currencies that are significantly less difficult to mine than Bitcoin. Many of them have very good cryptographic protections, which can effectively hide their users. One of these cryptocurrencies is Monero.
In their research on Cryptomining Malware on NAS Servers, Sophos counted 1,702,476 individual detections of the Mal/Miner-C threat over the first half of 2016, from about 3,000 systems. Most of the affected systems were FTP servers that hosted multiple copies of the malware in different directories.
The research used an internet scanning engine called Censys to identify public FTP servers that allow anonymous access with write privileges:
- 2,932,833 IP addresses of FTP servers were included in the original list
- 2,137,571 FTP servers were active during the test
- 207,110 active servers allowed anonymous remote access
- 7,263 active servers had write access enabled
- 5,137 servers were contaminated with Mal/Miner-C
Here is food for thought: the researchers discovered that a staggering 70% of active FTP servers with anonymous remote access and write access enabled had been contaminated with Mal/Miner-C.
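An added example, not part of the original article or the Sophos research: a small audit of your own server's configuration for the two conditions the scan looked for, anonymous login and write access. It assumes the FTP server is vsftpd (the article does not name one), and the sample configurations are constructed.

```python
# Added example: flag the "anonymous login + write access" combination in vsftpd.conf.
# Assumption: the server is vsftpd; SAMPLE_OPEN and SAMPLE_SAFE are constructed.
ANON_WRITE_OPTS = ("anon_upload_enable", "anon_mkdir_write_enable",
                   "anon_other_write_enable")

SAMPLE_OPEN = """# constructed sample: world-writable anonymous FTP
anonymous_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
"""
SAMPLE_SAFE = """# constructed sample: local users only
anonymous_enable=NO
local_enable=YES
write_enable=YES
"""

def parse_conf(text):
    """Return {option: value} from vsftpd.conf text (option=value, '#' comments)."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip().lower()] = value.strip().upper()
    return settings

def audit(text):
    """Return findings; an empty list means anonymous login is off."""
    s = parse_conf(text)
    # Unset anonymous_enable is treated as YES: a conservative choice made by this example.
    anon = s.get("anonymous_enable", "YES") == "YES"
    write = s.get("write_enable", "NO") == "YES"
    anon_write = [o for o in ANON_WRITE_OPTS if s.get(o, "NO") == "YES"]
    if not anon:
        return []
    if write and anon_write:
        return ["CRITICAL: anonymous users can write via " + ", ".join(anon_write)]
    if anon_write:
        return ["WARN: " + ", ".join(anon_write) + " set; takes effect if write_enable=YES"]
    return ["INFO: anonymous login enabled, read-only"]

if __name__ == "__main__":
    for name, conf in (("open", SAMPLE_OPEN), ("safe", SAMPLE_SAFE)):
        print(name, audit(conf) or ["OK: no anonymous access"])
```

A CRITICAL finding still depends on the anonymous FTP user having filesystem write permission on some directory, so check directory ownership and modes as well as the configuration.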
Vulnerabilities in currency apps
What should you do to protect your digital currency?
- Do not keep too much digital currency on one device at one time.
- Just like with computer backup, store a backup of your digital wallet in a secure place, in case of loss, computer failures or human error.
- Basic antivirus may not be effective against sophisticated coin mining attacks. Make sure you are using the top-of-the-line antivirus software on your computer network.
- Investigate the software you are going to use, or are already using; stay educated about the options you choose when working online, and use layered security.
- Make sure your entire business uses professional computer network services, keeping your organization’s data and assets secure, protected, and operational.
- Make sure your vendors are reputable, and that they are practicing cybersecurity. Question them about the state of technology being used.
The increasing number – and amounts – of digital currency thefts remind us that the legitimacy of vendors and safe, reliable cyber currency storage are very important. Implementing even these basic security and backup precautions can greatly increase your digital currency security.