Bitcoin mining hijacking pc

Is your computer running slow? It could be that you have bitcoin mining malware on your computer.

As the value of bitcoin rose during last year so did the incentive to “mine” bitcoins. Bitcoin mining is the process of performing cryptographic calculations that secure the bitcoin blockchain. These calculations are very CPU intensive and hence criminals attempt to use computers belonging to others to perform the calculations.  The criminals are stealing the processing power of your computer and in turn, increasing your electricity bills.

How do I know if I have this form of malware installed?

Your computer could be sluggish to respond or simply takes longer to do tasks. You could also use the built-in tools in your operating system to monitor the performance of your computer. On the Mac this is called “Activity Monitor” and on Windows “Performance Monitor”.  These applications are fairly complex. However each one will show graphs of CPU performance. If the percentage of CPU usage is high when you are not performing a task, then it is likely that some background task is making use of the CPU. This could be an indication of malware at work.

How does this malware get on my computer?

Malware can be installed in a variety of ways. Traditionally applications are installed on a computer. This may happen because a user chooses to do so. The applications could contain malicious code (malware). This form of malware is often called a Trojan; one application pretending to be something it is not.

Another method is to install an application via a hijacked web link. By clicking on a web link controlled by a criminal you could be inadvertently installing a malware application.

However recently we have also seen web browser based malware. Rogue web pages can be created that run “scripts” inside the web browser. These scripts attempt to run the bitcoin mining applications. Browser based scripts will only run when your web browser is accessing the compromised web site. Hence closing the web browser should stop the bitcoin mining application from running.  It should be noted that embedding scripts in web pages is very common and not all scripts are bad. Web page scripts are a great way to improve the functionality of web pages. While it is possible to block all web scripts you may find that the functionality of many web sites is compromised as a result.

What can be done about this?

Ensure that your anti-virus software is up to date, as this should be able to detect and remove the malware.

There are also web browser plugins that can detect and block this form of malware.

In summary:

  • Be suspicious of unexpected emails and other communications that contain unknown web links.
  • Use the performance monitoring tools built into your operating system to help detect malware
  • Keep your anti-malware application to update.
  • Install browser specific plugins to protect against browser based bitcoin mining malware.
Anonymous