Cryptocurrencies: what are the real risks for your computer?
Last year's spike in the value of Bitcoin has had a profound impact on the world of cyber security ......
Researchers at Kaspersky Lab, cybercriminals have started to use advanced infection techniques, borrowed from targeted attacks, to install commercial PC-based mining software ... Kaspersky Lab's best-performing company earned $ 7 million in six months in 2017, by exploiting the machines of its victims.
MINING SOFTWARE
Willing to hoard up cryptocurrency, criminals began to use, in their attacks, mining software whose, like the ransomware, present a very simple monetization model.
However, unlike a ransomware, a mining software does not destroy user data but harnesses the power of their PCs by spending a long time unnoticed.
Since September 2017, Kaspersky Lab has recorded a proliferation of these "minors", which began to spread actively around the world... The latest studies show that this growth has not only continued but has even accelerated and expanded.
ARSENAL
Kaspersky Lab researchers recently identified a cyber-criminal group with Advanced Persistent Threat (APT) techniques infecting users with minors. The method used - known as "process hollowing" - is still used by malware and has already been observed in some targeted attacks of APT but never again in cases of mining ...
The attack proceeds as follows: the victim is prompted to download and install an adware in which the installer for the minor is hidden. This program implements a genuine Windows utility, whose main purpose is to download the actual minor from a remote server. After which the normal process is replaced by the code
CREEPING INFECTON
As a result, the minor operates under the guise of a trivial task and it is impossible for a user to spot the infection ... This threat is just as difficult to detect for security solutions. In addition, the minor ensures that this new process can’t be interrupted. If the user tries to do, the computer restarts automatically. Criminals can stay in the system longer and ensure the productivity of their attack.
"We see that the ransomware fades, giving way to mining software. This trend is confirmed by our statistics, which show a steady increase of minors throughout the year, as well as the fact that the groups Cybercriminals have developed methods and have already begun to use more advanced techniques to propagate this type of software, "said Anton Ivanov, Senior Malware Analyst at Kaspersky Lab.
2.7 MILLION USERS WERE ATTACKED IN 2017
Overall, according to data from Kaspersky Lab, 2.7 million users were attacked by malicious minors in 2017, an increase of about 40% compared to 2016 (1.87 million). These users were victims of adware or pirated software used by cybercriminals to infect surreptitiously their PC.
Another method is the web mining by means of a special code implanted in an infected page on a site. The most common web miner is CoinHive, discovered on many popular sites ...
Kaspersky Lab therefore recommends to users the following precautions to protect themselves from this threat:
• Do not click on unfamiliar websites or banners or other suspicious advertisements.
• Do not download or open unknown files from unreliable sources.
• Install a reliable security solution that detects and cuts all possible threats, including malicious mining software.
And for companies: regularly perform a security audit, install a security solution on all workstations and servers and update it regularly ...
The source of information wich I've translate: https://lc.cx/WEvH
