Crypto News Tech

Mozilla Firefox To Block Malicious Crypto Mining With Its Next Update

The next update for the popular Mozilla Firefox Internet browser will add a feature to shield against background crypto mining programs. The Firefox will try putting an end to cryptojacking, a malicious practice that usurps the processing power of the user’s device or hardware to mine for cryptocurrencies.

Firefox will block the scripts inserted into web pages that perform cryptojacking, as the browser’s upcoming update focuses on preventing data collection techniques that violate user privacy, a practice known as tracking. The update will aim to “protect” and “give a voice” to internet users who are victims of “deceptive practices that collect (and use) information invisibly” and user processing power, according to the official statement.

According to Nick Nguyen, the vice president of Firefox, the new security features will be running in the testing phase of the Firefox Nightly version throughout September.

Mozilla Firefox will tackle background crypto mining, joining Opera and Google Chrome in this regard

With this update, Mozilla Firefox joins the Opera and Google Chrome browsers who have already taken steps to tackle background crypto mining programs. In the case of Opera, however, the company announced in January of this year the implementation of new levels of protection against unauthorized mining in its browser.

On the other hand, Google Chrome removed extensions that offer crypto mining services from its Chrome web store. This measure, unlike Opera’s, also affected those applications that informed users that they would use their device’s ability to mine crypto coins. This decision occurred after Chrome accepted these extensions while they were exclusively dedicated to in-browser crypto mining. However, most of these did not meet the conditions.

Keep in mind that web crypto mining is not a malicious activity, in essence. However, cryptojacking (the practice to use victims devices’ computing power to mine for cryptocurrencies) is considered a malicious attack.

Crypto News Tech

The Professional Golfers’ Association of America Is The Latest Victim Of A Bitcoin (BTC) Ransomware Attack

On the eve of the start of the 100th-anniversary championship, the Professional Golfers Association of America (PGA) became the latest new victim of hackers, whose methodology is to seize sensitive information and ask for ransom in return. In this practice, it is widespread for cybercriminals to demand payments in Bitcoin (BTC) or other cryptocurrencies, in what is called a ransomware attack.

According to the specialized media, Golf Week, the attack was perpetrated on Wednesday, August 8th, when employees were unable to access the server. Instead, they received a message announcing the encryption of all files and threatening to make them unrecoverable from any attempt at decryption.

The attackers made it clear from the beginning that their target was Bitcoin (BTC) extortion

However, although the ransomware message includes the address of a Bitcoin (BTC) wallet, the hackers did not specify the amount of Bitcoin they wanted to get for unlocking the PGA servers.

However, according to an anonymous source, the Professional Golfers Association of America, the PGA, will not pay ransom for the archives, and that they took steps to ensure that the development of the anniversary championship won’t be impaired.

At the time of writing, no information has been released on the recovery of PGA servers or payment of the Bitcoin (BTC) ransom, the start of the PGA Championship 2018 tournament took place as usual.

Ransomware attacks involving cryptocurrency decline in popularity, while cryptojacking takes the lead

According to several studies carried out by various computer security companies worldwide, ransomware attacks involving cryptocurrency are declining in popularity, as the cybercriminals have gradually migrated to a more effective and lucrative business model, such as the use of hidden crypto mining malware. This method is known as cryptojacking and uses the computational power of victims’ devices to mine cryptocurrencies for the hackers.

A report released by Kaspersky Labs about a month ago confirmed the increase in cryptojacking attacks. Cybercriminals are developing increasingly sophisticated forms of crypto mining malware programs, using techniques such as file-free contamination or placing malware directly on routers.

Crypto News Tech

PowerGhost Is An Innovative Crypto Mining Malware, Mostly Targeting Corporate Networks

Unauthorized crypto mining malware recently discovered by Kaspersky Labs is affecting corporate networks worldwide. The computer security firm said that so far the most affected countries by this virus are India, Brazil, Colombia, and Turkey. The cryptojacking malware was named PowerGhost because of the difficulty of detecting it, an advantageous feature for unauthorized mining malware.

The firm’s experts described that, once it is sneaked onto the victim’s device, it accentuates its privileges through vulnerabilities in the operating system and begins to mine cryptocurrencies in the background.

Among the countries with the highest incidence of this virus attack are Brazil and India, with 200 to 290 users affected, followed by Colombia and Turkey, where between 110 and 200 users were infected, according to SecureList data.

Like any other crypto mining malware, PowerGhost uses processing power from infected devices and uses it to decipher the puzzle that validates a block of transactions with cryptos. This process, known as cryptojacking, requires a large number of computational resources and can cause overheating and lag the affected devices.

PowerGhost crypto mining malware is mostly focusing on corporate networks

In this particular case, the virus seems to be focused on corporate networks, so it also attacks server performance and accelerates wear and tear, generating replacement costs.

Kaspersky Labs warns that, compared to most malware of this type, PowerGhost is more difficult to detect because of it doesn’t need any files to work. That means it does not download malicious files to the devices it infects, making it easier to operate without being noticed.

Moreover, experts identified a version of this crypto mining malware that contains a tool for DDoS (Distributed Denial of Service) attacks which can paralyze networks and servers.

A technical analysis of this malware published by Secure List shows that cybercriminals are using increasingly sophisticated techniques to achieve their goals. They believe that the devs of PowerGhost went further by using “file-less” techniques to deploy the cryptojacking software on their victims’ systems.

It seems that the growing popularity and the increasing prices of cryptocurrencies have made cybercriminals to innovate new malicious crypto mining software. As the data shows, the cryptojacking malware programs are gradually replacing the ransomware Trojans.

Crypto News

Cryptojacking Affected More Than 1 Million Computers In China – 20 Chinese Cyber Attackers Arrested

An investigation by Chinese authorities revealed that over the course of two years, more than 1 million computers were infected with crypto mining malware, which would have resulted in illicit profits of more than $2 million for computer criminals. The operation resulted in the arrest of 20 suspects from the technology firm Dalian Shengping Network Technology and another management software distribution company accused of implementing cryptojacking.

According to police reports, hackers were able to extract 26 million units of DigiByte (DGB), Decred (DCR) and Siacoin (SC), valued at 15 million yuan (about $2.2 million).

Cryptojacking involves using the processing power of a computer for crypto mining

The scheme was discovered after the security team at Tencent Holdings Limited alerted public safety authorities about a “Trojan” crypto mining script hidden in free downloadable plug-ins. Hackers developed and embedded the malware in these add-ons which they offered through advertisements that promised user benefits, such as improved browsing speed. Infected files reached 5 million computers in China.

The software was programmed to initiate the mining script once it detected that the computer’s CPU usage was less than 50%. In this way, it ran in the background quietly. Hackers would also have developed a network of more than 100 agents to help spread malware, hidden in software for the administration of Internet cafe networks.

20 Chinese arrested for cryptojacking

Of the total of 20 people arrested in this case, 11 were released on bail, while nine others remain behind bars.

Cryptojacking has captured the interest of cybercriminals, generating a significant increase in attacks via crypto mining malware between 2016 and 2018, according to a study by the cyber security company Kaspersky Labs. This report seems to indicate a migration of hackers from ransomware attacks to hidden crypto mining.

Large companies have also been affected by cryptojacking, and, in February, cybersecurity firm RedLock reported attacks cases at electronic car company Tesla Inc, Gemalto, the world’s largest SIM card manufacturer, and international insurance company Aviva.

Crypto News

Cryptojacking, Hidden Cryptocurrency Mining Malware, Outperforms Ransomware Attacks

Ransomware threatened billions of computers during 2017, hijacking the functionality of the infected computer until the user paid a certain amount, usually in Bitcoin (BTC), to restore system performance. This type of attack is a business model for cybercriminals, who amassed large quantities of BTC with this kind of extortions. However, over the past year, the profitability of malicious ransomware attacks has been outperformed by hidden cryptocurrency mining malware (cryptojacking), says Kaspersky Lab.

According to the report “Ransomware and Malicious Cryptojacking 2016-2018”, recently released by cyber security company Kaspersky Lab, cybercriminals are migrating to cryptojacking for “being a more sustainable business model over time” than a malicious attack with ransomware can be.

The report notes that Ethiopia, Afghanistan, and Turkmenistan were the three countries most targeted by cryptocurrency mining malware between 2017-2018, accounting for 31%, 29%, and 24%, respectively, of the total number of countries targeted by cryptojacking during the before-mentioned period.

The increase in the number of attacks with mining malware almost doubles the figures recorded in 2016, to over 1.87 million, as Kaspersky Lab estimates that there were 2.7 million cryptocurrency mining malware attacks on computers in 2017 alone.

Bitcoin (BTC) is commonly used by ransomware attacks, while hidden cryptocurrency mining malware uses Monero (XMR) more

It should be noted that malicious cryptojacking attacks on mobile devices maintained a different geographical concentration than attacks on computers. As for mobile cryptocurrency mining malware, the country with the highest percentage of people affected was Venezuela.

The growth in attacks on mobile devices was 168% for Venezuela, 90% for Nepal, and 215% for Turkmenistan, which ranks as one of the countries most attacked by malicious miners on both computers and mobile phones. Also, the increase in the mobile threat in China increased by 1,287% in the last year, an alarming figure, especially considering the number of potential victims from the world’s most populous country.

In the case of ransomware, Bitcoin (BTC) is the most used digital currency, while Monero (XMR) is the one that attracts cryptojacking because it is much easier to mine. In fact, all hidden cryptocurrency mining malware based on the Coinhive code process Monero (XMR) transactions, occupying the processing capacity of the device in which they are hosted.

Exit mobile version