The beginning of 2018 saw an explosion in the popularity of bitcoin and, by extension, blockchain technology. Many people sold their houses and invested their life savings in bitcoin. Some even gambled hundreds of thousands of dollars on altcoins which had only popped up in the preceding month. Likewise, makeshift bitcoin mining “factories” sprang up in areas with cheap land and cheap power. Bitcoin has come down from its peak of almost $20,000 per coin, but its impact and economic value appear to be here to stay.
Hackers and malware developers haven’t taken long to catch on. Selling sensitive personally identifiable information (PII) and protected health information (PHI) has always been a lucrative business for malicious actors. However, the advent of $10,000 bitcoin has created an entirely new avenue for the less-than-scrupulous to make money. Malware developers have found a novel application for their products: crypto mining. Malicious programs have recently emerged which harness the processing power of tens or hundreds of thousands of PCs and leverage it to mine cryptocurrencies. This new effort was put on full display just in the past week, when unknown attackers sought to infect 400,000 computers with mining software.
The nature of this threat is different from other forms of malware, since in many cases users may go for months, or even years, without realizing that malicious software is constantly at work on their machines. That should not be taken to mean that it is benign, however. Bitcoin mining can run up hundreds or thousands of dollars in power bills and slow down the affected system. It may also consume bandwidth, resulting in slower speeds for the entire network. Malware involving bitcoin is not new: many variants have previously been created with the intention of stealing crypto wallets. However, the difficulty of detecting mining malware raises a host of concerns which are not present with other forms of malicious code.
The threat is not confined to malware, though. Recently, corporations have repeatedly caught employees attempting to use company processing power to mine bitcoin for their own benefit. Insider threat has always been a persistent issue, particularly in certain industries, but employee crypto-mining can happen in almost any context. Just as with bitcoin mining malware, employees may go undetected for long periods of time, all the while running up thousands or tens of thousands of dollars in power bills for their company. So, what can be done to combat these twin problems?
Fortunately, the solution to malware designed for bitcoin mining is simple: standard anti-malware and anti-virus programs, combined with log monitoring, employee training, and regular scanning, should go far in reducing the risk of an organization's machines being infected. Organizations should monitor their networks for suspicious traffic and ensure that company servers are being used for business purposes and not bitcoin mining. Bitcoin has opened up a new vector for malicious actors to profit off of users and businesses. The only question is whether companies will begin to take cybersecurity seriously in response.
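One way to act on the network-monitoring advice above, as an added example that is not part of the original article: pooled bitcoin miners commonly talk to their pool over the Stratum protocol, a line-delimited JSON-RPC exchange, so cleartext Stratum client methods leaving an internal host are a strong indicator of mining. The host addresses, pool name and records below are constructed, and the record layout (source, destination, payload line) is an assumption about what your capture or proxy tooling exports.

```python
import json
from collections import defaultdict

# Stratum v1 JSON-RPC methods that a mining client sends to a pool.
CLIENT_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit"}

# Constructed sample records: (internal source host, destination, payload line).
SAMPLE_RECORDS = [
    ("10.0.4.17", "pool.example.net:3333",
     '{"id": 1, "method": "mining.subscribe", "params": ["miner/1.0"]}'),
    ("10.0.4.17", "pool.example.net:3333",
     '{"id": 2, "method": "mining.authorize", "params": ["worker1", "x"]}'),
    ("10.0.4.17", "pool.example.net:3333",
     '{"id": 4, "method": "mining.submit", "params": ["worker1", "job", "00", "00", "00"]}'),
    ("10.0.4.22", "intranet.example.com:80", "GET /index.html HTTP/1.1"),
    ("10.0.4.30", "api.example.com:8080",
     '{"id": 7, "method": "inventory.list", "params": []}'),  # benign JSON-RPC
    ("10.0.4.31", "api.example.com:8080", '{"id": 8, "result": true'),  # truncated JSON
]

def stratum_method(payload):
    """Return the Stratum client method named in a payload line, or None."""
    try:
        msg = json.loads(payload)
    except ValueError:
        return None  # not JSON: HTTP, TLS bytes, truncated capture, ...
    if not isinstance(msg, dict):
        return None
    method = msg.get("method")
    if isinstance(method, str) and method in CLIENT_METHODS:
        return method
    return None

def find_mining_hosts(records):
    """Map each source host that spoke Stratum to its methods and pool endpoints."""
    hits = defaultdict(lambda: {"methods": set(), "destinations": set(), "messages": 0})
    for src, dst, payload in records:
        method = stratum_method(payload)
        if method is None:
            continue
        hits[src]["methods"].add(method)
        hits[src]["destinations"].add(dst)
        hits[src]["messages"] += 1
    return dict(hits)

if __name__ == "__main__":
    for host, info in sorted(find_mining_hosts(SAMPLE_RECORDS).items()):
        print(host, sorted(info["methods"]), sorted(info["destinations"]), info["messages"])
```

Payload matching only sees cleartext Stratum; miners that wrap the connection in TLS need to be caught by other signals, such as sustained CPU load on the endpoint or long-lived connections to unfamiliar hosts.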