How to fight cryptocurrency mining malware – expert tips


Experts from antivirus companies explain how to protect your device from unauthorized mining


One of the most pressing cyberthreats of late has been hidden cryptocurrency mining – when an intruder mines cryptocurrency using the user’s device resources without the user even realizing it. More and more often there are reports in the media about the spread of malicious mining software, and recently hackers have learned to mine cryptocurrency through ads on YouTube.

How do I know if there is hidden mining on the device?

Hidden mining programs use the resources of the device, so the main sign of their activity is the computer slowing down, up to a partial loss of performance. Heating of the device, harder work by the cooling system and, as a consequence, a sharp increase in energy consumption can also indicate that its resources are being exploited. However, the company Zillya! notes that sometimes it may not be noticeable at all.

Sometimes hidden mining can be completely invisible to the user.

How can I check if my device is infected with mining malware?

According to Vladislav Andrianov, antivirus programs can only detect mining software if it is classified as malicious by the antivirus manufacturer. On a computer, suspicious activity can be monitored in Task Manager by looking for increased CPU or RAM load while only an insignificant number of programs are open. If you find software that is excessively exploiting the resources of your device, you should remove it.
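The Task Manager check described above, automated as an added example that is not from the article or the quoted experts: it takes periodic per-process CPU readings and flags only processes that stay pinned above a threshold for a sustained period, which separates miner-like load from short bursts. The sample format, process names, readings and thresholds are all constructed assumptions.

```python
from collections import defaultdict

INTERVAL = 30  # seconds between snapshots (assumed sampling rate)

# Constructed readings: CPU % per process, one value per snapshot.
CONSTRUCTED = {
    "browser.exe":        [20, 95, 30, 15, 90, 25, 10],   # short bursts
    "updater_helper.exe": [97, 98, 99, 96, 98, 97, 99],   # pinned the whole time
    "editor.exe":         [3, 5, 2, 4, 3, 6, 2],          # idle
}

# Flatten into (seconds_since_start, process_name, cpu_percent) tuples.
SAMPLES = [
    (i * INTERVAL, name, cpu)
    for name, series in CONSTRUCTED.items()
    for i, cpu in enumerate(series)
]


def sustained_cpu_hogs(samples, threshold=80.0, min_seconds=120):
    """Return {process: longest_run_seconds} for processes whose CPU load
    stayed at or above `threshold` for at least `min_seconds` without a dip."""
    by_proc = defaultdict(list)
    for ts, name, cpu in samples:
        by_proc[name].append((ts, cpu))

    flagged = {}
    for name, points in by_proc.items():
        points.sort()
        run_start = None   # timestamp where the current high-load run began
        longest = 0        # longest uninterrupted high-load run seen so far
        for ts, cpu in points:
            if cpu >= threshold:
                if run_start is None:
                    run_start = ts
                longest = max(longest, ts - run_start)
            else:
                run_start = None  # a dip below the threshold ends the run
        if longest >= min_seconds:
            flagged[name] = longest
    return flagged


if __name__ == "__main__":
    for proc, seconds in sustained_cpu_hogs(SAMPLES).items():
        print(f"{proc}: at or above threshold for {seconds}s without a dip")
```

A flagged process is a lead for review rather than a verdict, since legitimate work such as video encoding also holds the CPU high for long periods.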

Sergey Kuznetsov recommends using the free scanning utility ESET Online Scanner – it detects and disarms all types of threats, including miners, without installing an antivirus product.

How can I prevent infection by such malware?

You can significantly reduce the risk of infection by such software by using comprehensive anti-virus software with updateable signature databases. It protects against both native and browser-based miners.

Most mining malware gets on your device in trivial ways.

As the Zillya! expert noted, most malicious programs, including unauthorized miners, which in fact have no signs of “viruses” in the broad sense of the word, get onto devices in rather trivial ways. Infection mostly occurs through spam, through pirated software downloaded from file-sharing sites or torrents, and through inattentive users who ignore basic cybersecurity rules.

ESET adds that attackers often try to install miners on victims’ devices (so-called native miners) using social engineering or software vulnerabilities. Also, hidden cryptocurrency mining can automatically start in a browser when a user visits a certain website. One of the browser-based miners, JS/CoinMiner.A, is prevalent in Russia (65.29% of antivirus triggers), Ukraine (21.95%), and Belarus (6.49%).

How do I detect a hidden mining script on a web page?

They are almost impossible to detect until the user opens the page. In this case, it is worth enabling the detection of potentially unwanted applications in your antivirus product. In addition, users can protect themselves from such threats by using an ad blocker and a script blocker installed in the browser.

Mining scripts are almost impossible to detect without going to the page.

What kind of damage can a virus-miner do to a user’s device?

According to Vladislav Andrianov, such programs, as a rule, do not pose a traditional cybersecurity threat – they are not designed to steal data, to take over accounts, or to block them and then extort money. Their purpose is to exploit the computing power of the device. They force the hardware to work at 100% for a long period of time, which can lead to its failure.

Sergey Kuznetsov noted an ethical problem as well. Hidden cryptocurrency mining without the user’s knowledge is unacceptable – it can be compared to an intruder gaining remote access to someone else’s device.