How cybercriminals are exploiting the bitcoin craze

Bitcoin is on fire. The cryptocurrency has jumped thousands of dollars in value in the past few weeks, and everyone seems to want to get a piece of that sweet, sweet pie. Including, naturally, cybercriminals. Yes, online crooks are using every trick in the book to exploit the crypto craze. From stealing usernames and passwords to installing malware on users’ computers, cybercriminals are working to get their hands on cryptocurrency in any way they can.

Stealing your information

One of the more popular types of bitcoin-related cybercrime involves using keyloggers, programmes that can see what you type on your keyboard, to steal users’ login information for their bitcoin wallets. As Symantec’s Candid Wueest explains, victims accidentally download such keyloggers via infected email attachments, which install themselves on their computers.

“From that point they would just monitor for any bitcoin transaction or any bitcoin wallets that you have, and try to steal the passwords,” he said.

Here’s how this scheme worked recently: A piece of malware known as Trickbot began spoofing the popular cryptocurrency exchange Coinbase.com’s login page. The software works by redirecting you from the real Coinbase.com to a page that looks similar, but captures your login information.

That’s not the only devious behavior this malware is capable of, according to Wueest — it can also mine bitcoin and other forms of cryptocurrency using your own computer.

Dragging you down

Some miners are designed to remain hidden by using a smaller amount of your PC’s processing power, which you’re not likely to notice when doing something like opening a web browser. Start using more resource-intensive programs, though, and you’ll see some slowdown.

Other kinds of miners push your computer to the max right out of the gate, which will slow your machine to a crawl. For large businesses that run huge numbers of servers, though, the extra load can put a bit of a dent in their bottom line due to the power needed to run such operations.

“For organizations running multiple computers and server farms and so on and so forth, that can be a significant cost,” McAfee’s Samani said.

Beating back the bots

So how do you fight back against these kinds of threats? Well, as always, your best bet is to ensure that your computer is running the latest software updates. And don’t think you’re safe because you own a Mac. Instances of this kind of malware have been detected on those, too.

And of course, make sure you’re running some kind of security software. Yes, it can be annoying, but it’s well worth dealing with the hassle of updating that software in order to keep your computer safe. So get downloading. (Yahoo Finance)

Mining on your time

That’s where technologies like browser-based miners come into play. Browser-based crypto miners allow for site owners to run a Javascript on a person’s computer whenever they visit a particular site. That script then uses your computer’s CPU to help mine currencies like Monero

The software itself isn’t designed to harm your computer. Sites like Coinhive even indicate the script could be used by publishers and webpage owners to generate revenue lost through the increased use of ad blockers. It’s not a bad idea, either. That is, when you’re told that it’s actually running on your machine.

See, not all Monero miners or sites will tell you they are operating in the background, sucking up precious system resources, which can slow your computer to a halt. What’s more, Monero miners are only supposed to run on your computer while you’re on the site that uses the script. That’s not always the case, though, as some will generate a browser window that then hides on your desktop to keep sucking up your computer’s resources.