{"id":12531,"date":"2018-06-11T07:00:01","date_gmt":"2018-06-11T15:00:01","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2018\/06\/11\/news-6300\/"},"modified":"2018-06-11T07:00:01","modified_gmt":"2018-06-11T15:00:01","slug":"news-6300","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/06\/11\/news-6300\/","title":{"rendered":"Don\u2019t Be a Coinmining Zombie \u2013 Part 1: Getting Cryptojacked"},"content":{"rendered":"

Credit to Author: Trend Micro| Date: Mon, 11 Jun 2018 13:00:39 +0000<\/strong><\/p>\n

\"\"<\/p>\n

When your computer or mobile device (and now, even your IoT device<\/a>) is hijacked to secretly mine cryptocurrencies, it\u2019s been cryptojacked<\/em> and becomes a coinmining zombie<\/em>. Its CPU, memory, disk, and power are enlisted in varying degrees in the service of the mining botnet, which labors on behalf of those who use it, with other zombies, to make money in the currency. Cryptojacking not only increases the wear and tear on your PC or Mac; if it\u2019s a mobile device it can overheat and swell the battery, even destroy the device itself. Not a good payment for all that service!<\/p>\n

So how do you get cryptojacked? And what can you do to prevent it?<\/p>\n

What is cryptocurrency, anyway?<\/h3>\n

First, a refresher, to clarify the security issues.<\/p>\n

A cryptocurrency<\/em> is a digital currency \u201cdesigned to work as a medium of exchange<\/a>,\u00a0that uses strong cryptography<\/a> to secure financial transactions, control the creation of additional units, and verify the transfer of assets.\u201d (See Cryptocurrency<\/em><\/a>, Wikipedia) Unlike electronic or printed currencies produced by central banking systems, cryptocurrencies use peer-to-peer networked decentralized computers\u2014distributed ledgers, typically blockchains <\/em>(explained below)\u2014to serve as the public databases that process and verify the transactions conducted in the currency.<\/p>\n

First released in 2009, Bitcoin<\/a> is generally considered to be the first cryptocurrency. Since then, over 4,000 alternative currencies have been created\u2014and some of them, like Ethereum<\/a>, Ripple<\/a>, Litecoin<\/a>, and Monero<\/a>, are very active among a list of over 1500 cryptocurrencies<\/a> in circulation today. Companies like Microsoft, Dell, Virgin Galactic, Shopify, and Tesla, as well as others (the list is growing) are now among the companies accepting Bitcoin and other cryptocurrencies<\/a>. Countries like the US, South Korea, Hong Kong, and Japan, as well as \u00a0Australia, are now among the countries accepting and regulating cryptocurrencies<\/a>. This list too is growing, though some countries have refused to recognize cryptocurrencies or have banned them altogether (see Cryptocurrencies by Country<\/em><\/a>, Dividends Magazine, 25 Oct 2017).<\/p>\n

Next, what is cryptocurrency mining?<\/h3>\n

Cryptocurrency mining<\/em> (aka coinmining<\/em> for short) is the way transactions are processed and verified over the peer-to-peer network by the cryptocurrency\u2019s coinminers<\/em> installed on innumerable users\u2019 computers. Each set of transactions are processed as a \u201cblock\u201d then added to the \u201cblockchain\u2014the public ledger\u2014when they\u2019re confirmed by a cryptographic hash<\/em> (a fixed-sized alphanumeric string) generated by the miners. The blockchain is then ready for the next block. The coin-owner\u2019s private key or seed<\/em> in their cryptocurrency wallet is what identifies the ownership of the coins, seals the transaction for the specified amount, and prevents the transaction from being altered\u2014as verified by the hash. The miners that first calculate the hash, before any others, are rewarded with free currency units\u2014hence the high processing power required to do this quickly (usually, in about ten minutes). To that end, mining can be done by one or more big computers with lots of processing power and high-end graphic cards (GPUs); or it can be done in a pool by many smaller mining computers working simultaneously across the network. Legitimate mining pools may be set up by partners who share any profits by calculating the precise contribution of each of the participating miners in creating the cryptographic hash.<\/p>\n

How do you become a coinmining zombie?<\/h3>\n

That said, it\u2019s not just legitimate entrepreneurs who use pools of computers to mine cryptocurrencies. Transgressive<\/em> or criminal<\/em> coinmining can occur whenever your computer and others are \u201chijacked\u201d (i.e., cryptojacked<\/em>) to mine without your permission.<\/p>\n

Trend Micro identifies three types of cryptojacking in use today, (apart from the outright theft of cryptocurrency from the wallet that contains it, which can also occur):<\/p>\n\n\n\n\n
<\/td>\n\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

So what do you do about such threats? Watch for Don\u2019t be a Coinmining Zombie \u2013 Part 2: How Do You Protect Yourself from being Cryptojacked?<\/em><\/p>\n

Related Links:<\/p>\n\n\n\n\n
<\/td>\n\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

The post Don\u2019t Be a Coinmining Zombie – Part 1: Getting Cryptojacked<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Trend Micro| Date: Mon, 11 Jun 2018 13:00:39 +0000<\/strong><\/p>\n

\"\"<\/p>\n

When your computer or mobile device (and now, even your IoT device) is hijacked to secretly mine cryptocurrencies, it\u2019s been cryptojacked and becomes a coinmining zombie. Its CPU, memory, disk, and power are enlisted in varying degrees in the service of the mining botnet, which labors on behalf of those who use it, with other…<\/p>\n

The post Don\u2019t Be a Coinmining Zombie – Part 1: Getting Cryptojacked<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10490,18678,10789,11052,16598,18679,10463,714],"class_list":["post-12531","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-bitcoin","tag-coinmining","tag-consumer","tag-cryptocurrency","tag-cryptocurrency-mining","tag-cryptojacked","tag-mobile-security","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12531","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12531"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12531\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12531"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12531"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12531"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}