ESET, a global leader in cybersecurity, has discovered a new tactic being used by cybercriminals to profiteer through the mining of cryptocurrencies on the web.
By using malware or potentially unwanted applications installed on the victim ‘s machine, cybercriminals have for several years taken advantage of cryptocurrency mining in order to realise a profit.
“It is easier to reach a significant number of victims by infecting websites than it is by infecting users’ machines. In this case, attackers were injecting scripts in high-traffic websites impacting mostly Russian, Ukrainian, Belarusian, Moldavian and Kazakh users,” explains Matthieu Faou, Malware Researcher at ESET.
“Although this method of mining is 1.5 to 2 times slower when compared to crypto coin mining with regular software, it is counterbalanced by the potentially higher number of impacted users” added Faou.
Some regulatory bodies consider mining cryptocurrencies on a user’s machine without consent equivalent to gaining access to the computer. Thus, developers of such services are expected to advertise it clearly before starting mining, but which rarely happens in these types of distribution scheme using malvertising.
To protect oneself against this kind of threat, ESET advices that users should enable detection of Potentially Unsafe Applications and Potentially Unwanted Applications (PUA) in ESET Internet Security, ESET NOD32 Antivirus and ESET Smart Security Premium solutions while also running regular updates.
One can also consider installing their preferred Ad blocker in their browsers. Additionally one can also install a script blocker in their browser but which could however disable some websites functionalities.
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security, to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defences in real-time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centres worldwide, ESET becomes the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information, visit www.eset.com or follow us on LinkedIn, Facebook and Twitter.