Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
Miners in your office
Miners in your office
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 14,441
Threads: 9,518
Thanks Received: 9,035 in 7,185 posts
Thanks Given: 9,810
Joined: 12 September 18
#1
Information  24 June 19, 07:11
Quote:
[Image: miner-in-your-office-featured.jpg]

As you may have heard, mining on your own resources is not the most profitable business. It is risky to invest in home mining farms, and no one really wants to pay for the electricity. Therefore, mining adepts increasingly try to use someone else’s equipment for it.

The damage from their actions is obvious. First, the equipment overheats, and therefore breaks down faster. Second, constant lags slow business processes. Finally, why should you pay someone else’s electricity bills?

Methods of mining on someone else’s equipment

Let’s leave aside for the moment extreme incidents such as the recent one in China in which a local resident laid a cable along the floor of fishponds and stole electricity for mining directly from an oil-producing plant. Yes, that’s a problem, but it’s in the realm of physical security, not informational. Without going into details on the specific tools, miners employ one of three methods to reappropriate resources for cryptomining:

Web mining

All attackers need to do to rope in your resources is run a malicious process in your browser, so Web mining is naturally quite widespread. Usually the crooks inject malicious scripts into frequently visited sites or into advertisement banners and then use computer resources for their own enrichment.

It is unlikely that someone will use Web mining against a particular company. However, your employees can go to a benign website and unwittingly provide attackers with the means to access your resources. Last year, for example, advertising banners with mining scripts were spotted on YouTube.

Malicious mining

A malware infection is hardly news, these days. Except this time, the intruders aren’t encrypting or stealing data, just quietly mining cryptocurrency. And with the only indicator being a drop in computer performance, the infection can remain hidden for a long time.

The means of infection are standard: phishing e-mails and links, software vulnerabilities, and so on. Sometimes attackers infect servers, which increases their profits (and your losses). Sometimes they manage to infect information kiosks and electronic scoreboards, where miners can work for years without attracting any attention.
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
K-Lite Codec Pack 18.8.5 / 18.8.9 Update
Changes in 18.8.9 ...harlan4096 — 07:13
Ubuntu 24.04.2 LTS / 25.04
Ubuntu 24.04.2 LTS...harlan4096 — 07:12
Microsoft Edge 135.0.3179.85
Version 135.0.3179...harlan4096 — 07:10
AnyDesk 7.0.0 for Linux
AnyDesk 7.0.0 for ...harlan4096 — 07:08
Intel releases AI Playground software fo...
Intel is open sour...harlan4096 — 07:07

[-]
Birthdays
Today's Birthdays
avatar (37)RobertUtelt
Upcoming Birthdays
avatar (44)wapedDow
avatar (43)techlignub
avatar (42)Stevenmam
avatar (49)onlinbah
avatar (50)steakelask
avatar (44)Termoplenka
avatar (42)bycoPaist
avatar (48)pieloKat
avatar (42)ilyagNeexy
avatar (50)donitascene
avatar (50)Toligo

[-]
Online Staff
There are no staff members currently online.

>