MICROSOFT REVEALS THAT SOME 644,000 COMPUTERS PER MONTH ARE INFECTED WITH MALWARES MINEROS
In the last six months, approximately 644,000 computers have been attacked each month by mining malwares, according to a report presented by Windows Defender Research this week. The "Trojanized" attacks have been perpetrated using multiple tactics to achieve the infection.
According to Microsoft Secure, from September 2017 to January 2018 there has been an increase in "trojanized" mining attacks that coincides with a decrease in the volume of ransomware attacks. Fact that, they consider, can be related to a change of focus on the part of the hackers to monetize their activities with cryptocurrencies.
The attacks are cataloged like troyanizados by the form in which they operate the malicious programs, since they are similar to the banking Trojans. However, these include some variants such as "the use of exploits or self-distributed malware": exploit is a fragment of code that exploits the security vulnerabilities of a system.
It is important to note that the report warns of two types of tactics through which kits are being installed by miners. The first is a downloadable Word file - detected as a Trojan - that runs a modified version of the XMRig miner, which extracts the Monero private cryptocurrency. While the second is a file called "flashupdate", which is masked as Flash Player and downloaded from links in spam campaigns and malicious websites of the "flashplayer" chain. This second file also runs a version of XMRig.
Also, other forms of attack for the extraction of currencies include injections of code in files notepad.exe and malicious PowerShell scripts that add a "scheduled task so that (the mining) runs every time the computer is started".
CRYPTOJACKING AND UNAUTHORIZED MINING
Windows Defender also points out that Cryptojacking has also been "intensified" as a trend in terms of cybercrime. This has occurred especially in fake technical support websites that make it difficult for the browser to close because a mining script is running in the background, taking over the resources of the computer; and also on video playback pages, such as the case of YouTube, where the use of the CoinHive software was reported.
Keep in mind that Cryptojacking, which comes from cryptography (cryptography) and hijack (hijacking), is the unauthorized use of computers or smartphones to mine cryptocurrencies.
On the other hand, there is legitimate web mining, but done without the official authorization of the sites involved. This type of unauthorized mining also generates cryptocurrencies at the expense of the processors of the visitors of the page, even when the browser is closed. This situation has generated discomfort in the cybernauts, at the same time that it has awakened a debate, when being compared the web miners with the publicity like form to generate income in line.
Web mining is in vogue, and aside from its malicious uses, has become a business model for online portals such as Salon.com, who have joined the wave of CoinHive but with the consent of its users.