In recent months, cybercriminals have resorted to a new technique that allows them to obtain income easily and quickly. But in this case, they do not steal information, encrypt their data or install malware. Instead, they use the processing of their machine to perform crypto, and the protocols used to verify transactions of digital currencies such as bitcoin.
This requires powerful computers, because, during the verification process, through which money is obtained, complex algorithms are solved, which causes resources and energy to be spent on the device.
cybercriminals carry out mining in the background of the devices of other users without them noticing it.
Extensive computing capabilities are required, which allow algorithms to be processed more quickly and efficiently; while many use their own infrastructure, others abuse third parties to eliminate those costs. They are processes that can be done on portable desktops and even on personal or corporate servers.
If one has their machine, they can do 30 calculations per second, but for example, someone with a thousand computers can do 30,000. When you manage to put a record in the blockchain or blockchain (the technology through which the cryptocurrencies work), the person is paid with a portion of bitcoin and thus earns money”, explains Camilo Gutiérrez, head of the Research of the cybersecurity firm Eset.
But how do cybercriminals do these processes on the devices of other users? Well, the most used way is to embed lines of code in the pages of movies on the internet, streaming sites to watch games or online games.
The characteristic of these sites is that they bombard you with advertising. In those ads, the code is imbibed, and while the person sees the film, mining is being done without him noticing,
Once the user opens the link, the computer becomes slow due to the demand for computing resources, especially the memory, and the processor.
The experts say that when finishing and closing the tab, the user feels that nothing happened. But for two hours he was watching the movie, at the same time he was undermining. Over time, it can decrease the useful life of the equipment.
A study by Eset reveals that the crypto-typing processes are second in the list of malicious detections that are most identified per month in Colombia.
According to another Lab report, the total number of users attacked by malicious crypto-machinists increased by 44.5 percent in the period in the last year and in mobile devices increased by 9.5 percent in the same period. In the case of the region, this modality went from 57,278 in 2017 to 393,405 in the course of this year. According to the report, in Latin America, the country most affected by criptomineros is Brazil, with 51.23 percent of the attacks, followed by Mexico (19.86 percent) and Colombia (7.20 percent).
Attackers can also install the code in applications on mobile devices or take advantage of vulnerabilities in corporate servers.
“In a company, you can drastically reduce the availability of your services or increase the costs of electricity and hosting in the cloud. When teams slow down and heat up employees’ productivity, it can decrease, “says Soler.
To avoid being a victim, the most important thing is to avoid entering unreliable sites on the Internet and have a good security solution that warns you when mining processes are possibly running.
“The user, many times, is not careful. You have to be aware of how those sites behave, that the user knows what can happen and take precautionary measures, “he says.
In addition, he adds, “many will think that as information is not stolen and can be fulfilled, for example, to see a movie, because there is no problem, but over time, the consequences are seen in the team.”