Crypto malware definition
Crypto malware (or cryptojacking) is malicious software that mines cryptocurrencies on the victim’s computer without their knowledge or consent. The software is typically distributed through malicious websites, software downloads, or email attachments. When the victim’s device is infected, the malware uses its resources (e.g., processing power, electricity) to mine cryptocurrency for the attacker. As a result, the victim’s device may slow down or overheat.
See also: fileless malware, anti-malware
How crypto malware works
- The victim unknowingly clicks an infected link or visits a malicious website.
- The malware script is downloaded onto the victim’s device and runs in the background without their knowledge.
- The malware script uses the device’s processing power to solve complex mathematical algorithms in order to mine cryptocurrency.
- The cryptocurrency mined is sent back to the cybercriminal’s wallet, allowing them to profit from the victim’s computing power.
- The malware runs in the background, causing the victim’s device to slow down or overheat.
- The hacker may continue running the malware for as long as possible (until it is detected and stopped).
How to detect crypto malware
- The device is slower than usual. Crypto malware uses the device’s system resources to mine cryptocurrency, causing the central processing unit (CPU) usage to increase significantly.
- Unusual processes. Some crypto malware may attempt to disguise itself as a legitimate system process. You should monitor the processes running on your device for any unusual activity.
- Suspicious network traffic. Crypto malware must communicate with its command-and-control server to receive instructions and return the mined cryptocurrency. Monitor the network traffic for any suspicious activity.
- Antivirus alerts. If you are getting alerts from your antivirus software about malware infection, you may have crypto malware on your device. Run a full scan of your system to detect and remove any malware infections.