Cryptomining Malware - Definition, Examples, & Detection - ExtraHop | ExtraHop (2024)

FAQs

What is an example of Cryptomining malware? ›

WannaMine does Bitcoin mining. This crypto-miner is a virus that distributes via EternalBlue and achieves longevity on a machine through the utilization of Windows Management Instrumentation (WMI) persistent event subscriptions.

Crypto malware is malicious software that uses your computer to mine cryptocurrency without your knowledge. If your computer has become slow and unresponsive, you may need to scan it for crypto mining malware.

XMRig: XMRig is an open-source cryptojacking malware that is commonly incorporated into other types of malware.

Cryptomining malware runs stealthily in the background, hijacking the victim's central processing unit (CPU) and graphics processing unit (GPU) to “mine” fresh bits of cryptocurrency by solving complex math problems that verify crypto transactions.

Some common signs of a potential cryptojacking breach are slower computer speeds, unusually high CPU usage, and overheating hardware. But some cryptojackers take measures to mask these signs.

How to determine if your phone has malware. If you suspect that there's malware on your Android device, download a reputable antivirus from the Google Play app store and run a deep scan. If the antivirus finds anything, it will likely prompt you to quarantine, block, or delete the infected files.

How does ransomware look like? ›

Instead of encrypting files, it locks users out of their computer or device, preventing access to the system's resources. Once the device is infected, the victim encounters a full-screen message displaying the ransom demand and instructions to make the payment.

Crypto Malware vs Crypto Ransomware

The victim of a crypto ransomware attack is instantly notified by the threat actor that their systems/files are compromised, followed by a ransom note. On the other hand, the objective of crypto malware is to operate undetected. The longer, the better.

What is cryptojacking and how does it work? Cryptojacking refers to when a computer is controlled by a cryptocurrency miner and used to generate cryptocurrency. It works by installing a script on your device that controls it, using its processing power to mine crypto.

SilentCryptoMiner is a malicious hidden cryptocurrency miner that can mine ETC, RVN, XMR, RTM, and others without the user's knowledge.

Coinminer malware communicates with external servers to download additional components or upload mined cryptocurrency, leading to unexpected network traffic. Unexplained system crashes or freezes. The strain on system resources will often lead to your system crashing or freezing.

Note that scareware, leakware, and RaaS are essentially crypto- or locker ransomware variants.

The Coinminer malware is malicious software that infiltrates the victim's computer and uses its hardware, such as the CPU, GPU, and RAM, to mine cryptocurrency. Coinminers often use stealth techniques, such as mining only during certain hours, to remain undetected.

Crypto-malware is a type of ransomware that encrypts user files and requires payment by a specific deadline and often through a digital currency such as Bitcoin. Ransomware has been a persistent threat for organizations across industries for many years now.

For example, the Romanian hacker group Outlaw compromises Linux servers and Internet of Things (IoT) devices by using default or stolen credentials and exploiting known vulnerabilities to launch DDoS attacks or mine Monero currency.