How cybercriminals are exploiting the bitcoin craze
Bitcoin (BTC-USD) is on fire. The cryptocurrency has jumped thousands of dollars in value in the past few weeks, and everyone seems to want to get a piece of that sweet, sweet pie. Including, naturally, cybercriminals.
Yes, online crooks are using every trick in the book to exploit the crypto craze. From stealing usernames and passwords to installing malware on users’ computers, cybercriminals are working to get their hands on cryptocurrency in any way they can.
“There definitely is a gold rush approach, and I guess criminals are kind of cashing in on that,” said Raj Samani, chief scientist at McAfee.
And to do that they’ll hijack your computer to make money for themselves.
Stealing your information
Bitcoin isn’t exactly new. Its popularity might be spiking now along with its value, but the cryptocurrency has been around since 2009. Which naturally means it’s been the target of cybercriminals for quite some time.
One of the more popular types of bitcoin-related cybercrime involves using keyloggers, programs that can see what you type on your keyboard, to steal users’ login information for their bitcoin wallets. As Symantec’s Candid Wueest explains, victims accidentally download such keyloggers via infected email attachments, which install themselves on their computers.
“From that point they would just monitor for any bitcoin transaction or any bitcoin wallets that you have, and try to steal the passwords,” he said.
Here’s how this scheme worked recently: A piece of malware known as Trickbot began spoofing the popular cryptocurrency exchange Coinbase.com’s login page. The software works by redirecting you from the real Coinbase.com to a page that looks similar, but captures your login information.
That’s not the only devious behavior this malware is capable of, according to Wueest — it can also mine bitcoin and other forms of cryptocurrency using your own computer.
Mining on your time
That’s where technologies like browser-based miners come into play. Browser-based crypto miners allow site owners to run JavaScript on a visitor’s computer whenever that person visits a particular site. That script then uses your computer’s CPU to help mine currencies like Monero (XMR-USD).
The software itself isn’t designed to harm your computer. Sites like Coinhive even indicate the script could be used by publishers and webpage owners to generate revenue lost through the increased use of ad blockers. It’s not a bad idea, either. That is, when you’re told that it’s actually running on your machine.
See, not all Monero miners or sites will tell you they are operating in the background, sucking up precious system resources, which can slow your computer to a halt. What’s more, Monero miners are only supposed to run on your computer while you’re on the site that uses the script. That’s not always the case, though, as some will generate a browser window that then hides on your desktop to keep sucking up your computer’s resources.
“From September to October we actually saw a 10 times, or 10 fold, increase of those mining tools being detected on our customers’ [computers] that use our software,” explained Symantec’s (SYMC) Wueest. “10 times more in October. And in November it’s again, 3 times more. So now we are actually at 33,000 detections per day that we see globally.”
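As an added example (not from the article, Symantec or Coinhive), here is one way a defender could flag the kind of in-browser miner script described above by scanning a page's HTML. The indicator patterns, the function name `findMinerScripts` and the sample page are assumptions constructed for illustration.

```javascript
// Indicators of an in-browser miner. This list is an assumption for the
// example; only Coinhive is named in the article, and a real list needs
// ongoing maintenance by the defender.
const MINER_INDICATORS = [
  { name: "coinhive-host", pattern: /(^|[/.])coinhive\.com\//i }, // script host
  { name: "coinhive-api", pattern: /\bCoinHive\.(Anonymous|User)\s*\(/ }, // miner constructor
  { name: "miner-start", pattern: /\bminer\.start\s*\(/i }, // generic heuristic
];

// Return one finding per <script> element whose src or inline body
// matches at least one indicator.
function findMinerScripts(html) {
  const findings = [];
  const scriptTag = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = scriptTag.exec(html)) !== null) {
    const attrs = m[1];
    const body = m[2];
    const srcMatch = /\bsrc\s*=\s*["']?([^"'\s>]+)/i.exec(attrs);
    const src = srcMatch ? srcMatch[1] : null;
    const hits = MINER_INDICATORS
      .filter((i) => i.pattern.test(src || "") || i.pattern.test(body))
      .map((i) => i.name);
    if (hits.length > 0) findings.push({ src, hits });
  }
  return findings;
}

// Constructed sample page: one benign script, one miner library include,
// and one inline block that starts mining without asking the visitor.
const SAMPLE_PAGE = `
<html><head>
<script src="https://cdn.example/analytics.js"></script>
<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>
  var miner = new CoinHive.Anonymous("SITE_KEY_PLACEHOLDER");
  miner.start();
</script>
</head><body>news</body></html>`;

console.log(JSON.stringify(findMinerScripts(SAMPLE_PAGE), null, 2));
```

Static matching like this misses obfuscated or self-hosted miners, so it complements rather than replaces watching for sustained CPU use from a browser tab.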
Dragging you down
To be sure, these kinds of mining malware tools aren’t as nefarious as something like ransomware, which locks down your computer until you either erase your hard drive or pay a ransom. But they do their own kind of damage.
Some miners are designed to remain hidden by using a smaller amount of your PC’s processing power, which you’re not likely to notice when doing something like opening a web browser. Start using more resource-intensive programs, though, and you’ll see some slowdown.
Other kinds of miners push your computer to the max right out of the gate, which will slow your machine to a crawl. For large businesses that run huge numbers of servers, though, the extra load can put a bit of a dent in their bottom line due to the power needed to run such operations.
“For organizations running multiple computers and server farms and so on and so forth, that can be a significant cost,” McAfee’s Samani said.
Beating back the bots
So how do you fight back against these kinds of threats? Well, as always, your best bet is to ensure that your computer is running the latest software updates. And don’t think you’re safe because you own a Mac. Instances of this kind of malware have been detected on those, too.
And of course, make sure you’re running some kind of security software. Yes, it can be annoying, but it’s well worth dealing with the hassle of updating that software in order to keep your computer safe.
So get downloading.
Email Daniel at [email protected]; follow him on Twitter at @DanielHowley.