Woburn, MA – December 21, 2017 — /BackupReview.info/ — Kaspersky Lab researchers have identified a fraud scheme where mining software was distributed and secretly installed on users’ PCs through pirated software commonly used for work and entertainment, such as photo and text editors, etc. The PCs were then exploited for the creation of cryptocurrencies, with all profits going to the criminals involved.

While the cryptocurrency market continues to burst with enormous increases in the number and value of investments, more and more criminals are also keeping an eye on its development. The fact that this excitement has captured so many people plays into their hands, making it easier to cheat general users who are not IT-savvy individuals. For instance, cryptocurrency miners became one of the major trends in 2017, according to the annual Kaspersky Security Bulletin. This trend was predicted last year by Kaspersky Lab researchers who spotted a comeback of mining software amid the growing popularity of Zcash. Just a year later, miners are everywhere. Criminals are using different tools and techniques, such as social engineering campaigns or by exploiting cracked software, in order to affect as many PCs as possible.

As an example of the latter fraud method, Kaspersky Lab experts have recently discovered a number of similar websites offering ways for users to download free pirated software – popular computer programs and applications. To inspire confidence, criminals have been using domain names similar to the real ones. After downloading a piece of software, the user receives an archive that also contains a mining program. This is then installed automatically, together with the desired software.

The installation archive includes text files containing initialization information – wallet and mining pool addresses. A mining pool is a server that unites several participants and distributes the mining task among their computers. In exchange, participants receive their share of the cryptocurrency that is being mined much faster than they would if mining through only their own PC. Because of architectural particularities, mining Bitcoins and other cryptocurrencies is currently a very resource-heavy and time-consuming operation, so such pools significantly increase the productivity and speed of cryptocurrency generation.

After being installed, miners start to silently operate on the victim’s PC, generating crypto-coins for criminals. According to Kaspersky Lab research, in all cases they used the NiceHash project software, which recently suffered a major cybersecurity breach resulting in the theft of millions of dollars’ worth of cryptocurrency. Some of the victims were connected to a mining pool of the same name.

In addition, experts have found that some miners contained a special feature that allowed the user to remotely change a wallet number, pool or miner. This means criminals could set another destination for the cryptocurrency at any time and thus manage their earnings by distributing mining flows between wallets, or even make the victim’s computer work for another mining pool.

“Although not considered malicious, mining software reduces the device’s system performance, which inevitably affects the user experience in general. Plus, it increases the victim’s electricity bill – not a major outcome of being a victim of this fraud scheme, but still an unpleasant one. Of course, some people might be OK with the knowledge that an anonymous person is becoming richer at their expense, but we advise users to resist these attempts as even though it is not being conducted with standard malicious software, it is still a fraudulent activity,” says Alexander Kolesnikov, Malware Analyst at Kaspersky Lab.

In order to prevent your PC from becoming part of a mining network, Kaspersky Lab advises the following:

  • Download only legal software from proven sources,
  • Install a reliable security solution such as Kaspersky Internet Security or Kaspersky Free that protects you from all possible threats, including malicious mining software.

Read more about the newly discovered miners project in the blogpost on Securelist.com

To learn more about cryptocurrency developments in terms of cybersecurity, read the KSB Threat Predictions for 2018 or watch our webinar —

https://securelist.com/ksb-threat-predictions-for-cryptocurrencies-in-2018/83188/

https://www.brighttalk.com/webcast/15591/289993

About Kaspersky Lab 
Kaspersky Lab is a global cybersecurity company celebrating its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com

For the latest in-depth information on security threat issues and trends, please visit:

Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact
Jessica Bettencourt
781.503.7851
Jessica.Bettencourt@kaspersky.com

Source: Kaspersky Lab

 

 

Related posts:

  1. New Kaspersky Endpoint Security for Business Delivers Enhanced Data Protection and Manageability Across All Platforms and Devices
  2. Kaspersky Lab Reports Malicious Attack Increase in Q1 IT Threat Evolution Report
  3. The Number of Financial Attacks Against Android Users Tripled in 2014
  4. Dropping Elephant: Cyber-espionage Group Hunts High Profile Targets with Low Profile Tools
  5. Kaspersky Lab Number of the Year 2016: 323,000 Pieces of Malware Detected Daily
  6. Kaspersky Lab Number of the Year: 360,000 Malicious Files Detected Daily in 2017
  7. One Billion More: Kaspersky Lab Reports on Cyber Threats in 2014
  8. ShadowPad: Attackers Hid Backdoor in Software Used by Hundreds of Large Companies Worldwide
  9. Kaspersky Lab Discovers New Upgrades to Notorious Gaza Team Cybergang’s Malicious Toolset
  10. Kaspersky Lab Survey: 93% of Financial Services Organizations Experienced Cyberthreats in the Past Year

Tags: ,