Ask a question from expert
Cryptojackers and miners PDF
20 Pages6739 Words86 Views
Added on 2021-10-14
Cryptojackers and miners PDF
Added on 2021-10-14
BookmarkShareRelated Documents
CRYPTOJACKERS AND MINERS 1
Cryptojackers and Miners
Student Name
Institutional Affiliation
Cryptojackers and Miners
Student Name
Institutional Affiliation
CRYPTOJACKERS AND MINERS 2
Executive Summary
Cyprojacking malware is increasing every day and thus, the need for the users participating in
cryptocurrency should take extra caution. This document will focus on CryptoSpringMalware
which is a cryptojacking malware that delivers malicious links by infecting social media
accounts and steals login credentials and web accounts allowing it to inject crypto mining scripts
in to the web pages. It utilizes miscellany methods to infect cryptocurrency trading platforms
when the users access them on an infected browser and uses Facebook messenger to propagate it.
The users should stop loading links that have been shared to reduce the risk of falling in to such
traps. Many browsers have implemented safe browsing features to protect the users from being
tricked by attackers. Crypto mining does not only target computers but also mobile devices such
as tablets and phones. The legal consequences of such actions are not clear even if the
unwelcomed and intrusive nature of cryptojacking is evident. With the possible impair access of
information, overheated machine, and economic sabotage, crypto jacking has clearly become one
of the biggest threats facing cryptocurrency businesses in the form of malicious advertising and
is a quite hard to deal with it using the existing legal framework.
Executive Summary
Cyprojacking malware is increasing every day and thus, the need for the users participating in
cryptocurrency should take extra caution. This document will focus on CryptoSpringMalware
which is a cryptojacking malware that delivers malicious links by infecting social media
accounts and steals login credentials and web accounts allowing it to inject crypto mining scripts
in to the web pages. It utilizes miscellany methods to infect cryptocurrency trading platforms
when the users access them on an infected browser and uses Facebook messenger to propagate it.
The users should stop loading links that have been shared to reduce the risk of falling in to such
traps. Many browsers have implemented safe browsing features to protect the users from being
tricked by attackers. Crypto mining does not only target computers but also mobile devices such
as tablets and phones. The legal consequences of such actions are not clear even if the
unwelcomed and intrusive nature of cryptojacking is evident. With the possible impair access of
information, overheated machine, and economic sabotage, crypto jacking has clearly become one
of the biggest threats facing cryptocurrency businesses in the form of malicious advertising and
is a quite hard to deal with it using the existing legal framework.
CRYPTOJACKERS AND MINERS 3
Table of Contents
Executive Summary.........................................................................................................................2
Introduction......................................................................................................................................4
CryptoSpringMalware Malware Operation.....................................................................................5
Propagation..................................................................................................................................5
Malicious Behavior......................................................................................................................7
Monetizing the Malware Operations............................................................................................9
Mitigation Strategies......................................................................................................................10
Engineering Countermeasures...................................................................................................10
Legal Countermeasures..............................................................................................................13
Economic Countermeasures.......................................................................................................16
Educational Countermeasures....................................................................................................17
Conclusion.....................................................................................................................................18
Reference List................................................................................................................................21
Table of Contents
Executive Summary.........................................................................................................................2
Introduction......................................................................................................................................4
CryptoSpringMalware Malware Operation.....................................................................................5
Propagation..................................................................................................................................5
Malicious Behavior......................................................................................................................7
Monetizing the Malware Operations............................................................................................9
Mitigation Strategies......................................................................................................................10
Engineering Countermeasures...................................................................................................10
Legal Countermeasures..............................................................................................................13
Economic Countermeasures.......................................................................................................16
Educational Countermeasures....................................................................................................17
Conclusion.....................................................................................................................................18
Reference List................................................................................................................................21
CRYPTOJACKERS AND MINERS 4
Introduction
Crypto jacking is an illegal activity where attackers use another person’s computer to mine
cryptocurrency. Attackers achieve this by enticing and tricking computer users to click on a
particular link that that executes crypto mining code on their computer, or injecting a JavaScript
code to a website that pops up and executes automatically when loaded in the browser. It is not
yet certain the amount of cryptocurrency that hackers mine by carrying out crypto jacking, but
there is no doubt that the practice is on the rise. However, it is important to note that the rapidly
growing type of crypto jacking is browser-based. A research done in 2017 revealed that more
than 35000 websites were running crypto mining scripts and had more than 1 billion visitors
combines (Brewer, 2016). The concept of crypto mining is still new and there is still room for
evolution and growth. For instance, it is easy to generated more than $300 using coinhive in the
first month. One major reason why crypto jacking is on the rise is because it is easy to get
money.
Cyber security researchers in January 2018 discovered a crypto mining botnet called Smominru
which infected more than 500000 computers, majorly in India, Russia, and Taiwan. Windows
servers were the target of the botnet. Crypto jacking does not require proficient technical
expertise. The driving force of crypto jacking that is making it more popular among the hackers
is because of the minimal risk involved while making more money and find it more profitable as
compared to ransomware because it generates money continuously (Broadhurst, et al., 2018).
Additionally, the probability of being identified or getting caught is much less as compared to
ransomware. Crypto mining code can go undetected for a very long time because it runs
surreptitiously and once identified it is very challenging and difficult to trace the source.
Attackers have to major ways of getting into the computer of the victim to mine crypto currency
secretly. One way is through phishing where the attacker sends an email that looks legitimate and
tricks the victim into clicking the link on the email which once clicked the crypto mining code
loads on the computer and continuously run while the victim works on his/her computer (Sigler,
2018). The second method is by injecting crypto mining scripts on several websites which
entices the users and visitors to click on it. Once the user opens their browser, the script is
executed automatically. In this method, no code is store on the computer of the victim rather the
code executes mathematical problems that are complex and transmit results to the hacker’s
Introduction
Crypto jacking is an illegal activity where attackers use another person’s computer to mine
cryptocurrency. Attackers achieve this by enticing and tricking computer users to click on a
particular link that that executes crypto mining code on their computer, or injecting a JavaScript
code to a website that pops up and executes automatically when loaded in the browser. It is not
yet certain the amount of cryptocurrency that hackers mine by carrying out crypto jacking, but
there is no doubt that the practice is on the rise. However, it is important to note that the rapidly
growing type of crypto jacking is browser-based. A research done in 2017 revealed that more
than 35000 websites were running crypto mining scripts and had more than 1 billion visitors
combines (Brewer, 2016). The concept of crypto mining is still new and there is still room for
evolution and growth. For instance, it is easy to generated more than $300 using coinhive in the
first month. One major reason why crypto jacking is on the rise is because it is easy to get
money.
Cyber security researchers in January 2018 discovered a crypto mining botnet called Smominru
which infected more than 500000 computers, majorly in India, Russia, and Taiwan. Windows
servers were the target of the botnet. Crypto jacking does not require proficient technical
expertise. The driving force of crypto jacking that is making it more popular among the hackers
is because of the minimal risk involved while making more money and find it more profitable as
compared to ransomware because it generates money continuously (Broadhurst, et al., 2018).
Additionally, the probability of being identified or getting caught is much less as compared to
ransomware. Crypto mining code can go undetected for a very long time because it runs
surreptitiously and once identified it is very challenging and difficult to trace the source.
Attackers have to major ways of getting into the computer of the victim to mine crypto currency
secretly. One way is through phishing where the attacker sends an email that looks legitimate and
tricks the victim into clicking the link on the email which once clicked the crypto mining code
loads on the computer and continuously run while the victim works on his/her computer (Sigler,
2018). The second method is by injecting crypto mining scripts on several websites which
entices the users and visitors to click on it. Once the user opens their browser, the script is
executed automatically. In this method, no code is store on the computer of the victim rather the
code executes mathematical problems that are complex and transmit results to the hacker’s
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Operations Management Problemlg...
|12
|2547
|114
Understanding SQL Injection, Insider Attacks, and Malware Threats for Enhanced Cybersecuritylg...
|7
|2711
|157