EXPLAIN OF EACH DETAIL LIKE REPORTING:

CRYPTOCURRENCY

It is a digital currency in which transactions are verified and records maintained by a decentralized system using cryptography, rather than by a centralized authority.

You can own cryptocurrency by either:

• Directly buying
• Cryptomining

CRYPTOMINING

By mining, you can earn cryptocurrency without having to put down money for it.

It is the method of verifying transactions on a digital ledger for a blockchain using machines with extensive computing power. It has to do with the process where specialized computers, also known as nodes or mining rigs, validate blockchain transactions for a specific cryptocoin and, in turn, receive a mining reward for their computational effort.

ILLICIT CRYPTOMINING

Involves the usage of an illicit cryptominer which is a malicious code designed to hijack the idle processing power of a targeted device and misuse it to mine cryptocurrency.

The mining activity is usually hidden or runs in the background without obtaining consent from the user or admin.

TWO MAIN TYPES OF ILLICIT CRYPTOMINERS

• BINARY-BASED

These are malicious applications downloaded and installed onto the targeted device.

ESET security solutions categorize most of these applications as Trojans.

• BROWSER-BASED

These are malicious JavaScript embedded into a web page or some of its parts/objects, via the browsers of the site’s visitors, also termed as cryptohijacking.

ESET detects the majority of cryptojacking scripts as potentially unwanted applications (PUAs).

Chinese police bust illegal cryptomining farm, seize 190 miners

Guangdong province’s Development and Reform Commission confiscated 190 crypto mining machines, estimated to be worth 5 million yuan($791,450). The authorities claimed that even though mining operations consume a lot of energy, they remained hidden from the authorities because of the high power consumption of the charging station they were operating in.

CAUSE OF ABUSE

• To exploit a victim’s device or system to illegally install cryptomining malware that allows illicit actors to earn cryptocurrency
• To earn more revenue

EFFECTS/DAMAGES

Cryptocurrency-mining malware steal the resources of infected machines, significantly affecting their performance and increasing their wear and tear. An infection also involves other costs, like increased power consumption. Cryptocurrency malware can make its victims part of the problem by infecting their assets and data.

WAYS TO AVOID

1. Protect your endpoints, servers and other devices with reliable and multilayered security solutions able to detect potentially unwanted (PUA) cryptomining scripts as well as cryptomining Trojans.

2. Implement Intrusion Detection Software (IDS) that helps identify suspicious network patterns and communication potentially tied to illicit cryptomining (infected domains, outgoing connections on typical mining ports such as 3333, 4444 or 8333, signs of persistence, etc.).

3. Increase network visibility by using a remote management console to enforce security policies, monitor system status as well as security of company endpoints and servers.

4. In a company setting, train all employees (including top management and network administrators) in how to maintain good cyber-hygiene and create and use strong passwords, reinforced with two-factor authentication, increasing the protection of company systems in case passwords are leaked or bruteforced.