Slow browsing? Hackers could be mining bitcoin

Computer users will notice their computers performing more slowly than usual, as the mining software hogs the computer's resources, taking about 60 per cent or more of its computational power.
Computer users will notice their computers performing more slowly than usual, as the mining software hogs the computer's resources, taking about 60 per cent or more of its computational power.PHOTO: REUTERS

Spike seen in mining malware that infects computers and websites, slowing systems down

If you feel your Internet connection has been slower in the past few months, do not blame your service provider just yet - you may be a victim of a new form of malware.

As prices of cryptocurrency such as bitcoin soar to astronomical values, hackers are infecting computers and websites with malicious software. This malware creates a zombie mining army which toils in the background mining cryptocurrency, with users none the wiser.

Cryptocurrencies are digitally coded scripts that attempt to replicate modern-day currencies.

Cyber-security researchers have seen a spike in cryptocurrency mining malware this year, as well as a new trick called cryptojacking, where websites are infected with software that prompts visitors' computers to mine cryptocurrency when they visit the website.

Cyber-security firm Fortinet said its Web filtering services have seen 100,000 cryptojacking hits from Singapore over the past month.

Globally, the company reported 60 million hits in the same period.

While the Cyber Security Agency of Singapore (CSA) has yet to receive any official complaints from local users or businesses, it is keeping an eye on such developments.

"Unauthorised cryptocurrency mining and browser-based digital currency mining are concerns to note," said Mr Douglas Mun, deputy director of CSA's National Cyber Incident Response Centre.


Cryptocurrency-mining malware gobbling up a computer's spare resources. A quarantine message that pops up on an infected user's machine (above) when anti-virus software detects cryptocurrency-mining malware.PHOTOS: TREND MICRO, LESTER HIO

In September, cyber-security researchers started noticing an increasing popularity in cryptojacking when hackers started to slip cryptocurrency-mining software into websites. Users who visit infected webpages inadvertently add to hackers' coffers while their computers' systems are being made use of.

Senior research fellow at security software maker ESET Nick FitzGerald said: "These websites were either deliberately hosting coin-mining programs to make money for themselves, or unwittingly hosting such scripts through compromise or display of advertisements."

Users can be fooled because hackers have started compromising legitimate websites and hiding their malicious code in them.

Fortinet's director of security research David Maciejak said: "Some are very legitimate websites, like CBS' Showtime or soccer star Cristiano Ronaldo's official webpage. "


Cryptocurrency-mining malware gobbling up a computer's spare resources (above). A quarantine message that pops up on an infected user's machine when anti-virus software detects cryptocurrency-mining malware.PHOTOS: TREND MICRO, LESTER HIO

Cryptocurrencies, especially bitcoin, have become the new darlings of hackers, as they are untraceable and rapidly growing in price.

According to estimates by anti-virus firm Kaspersky's researchers, a 4,000-machine network can reap its owners up to US$30,000 (S$40,600) a month.

Computer users will notice their computers performing more slowly than usual, as the mining software hogs the computer's resources, taking about 60 per cent or more of its computational power, according to a CSA advisory.

"Unauthorised mining is a new threat that can... cause a user's system to suddenly and unexpectedly slow down, sometimes significantly, when visiting a website," said Mr Vicky Ray, principal researcher at network security firm Palo Alto Networks. "In a worst-case scenario, the slowdown can be so severe that it can make a website basically unusable."

 

Users can tell they are on a compromised website if they see a sudden spike in memory usage and sluggish performance. They can stop the process by exiting the website, and not visiting it again. They should also install anti-virus software and keep it updated, as well as turn on firewalls and not click on suspicious links, say experts.

Bitcoin mining can also cause damage to computing hardware by overheating components, said Fortinet's Mr Maciejak. "If a particular computer is already old and well worn, it could fail from the strain."

The damage can also go beyond physical hardware degradation.

Mr Ryan Flores, senior manager of forward-looking threat research at Trend Micro Asia-Pacific, said such malware opens up individuals and businesses to information theft, hijacking and a plethora of other malware.

SEE BUSINESS

 
A version of this article appeared in the print edition of The Straits Times on December 14, 2017, with the headline 'Slow browsing? Hackers could be mining bitcoin'. Print Edition | Subscribe