How to spot and block cryptominers on your network

Cryptominer malware is stealthy and drags down network and device performance. Some simple tasks and basic tools can minimize its impact.


A friend recently traveled to Iceland and came back with the knowledge that the country is a key hub for Bitcoin mining due to its cheap thermal energy source. Your computer or your network’s computers could also be an ideal spot for cryptomining. I know of individuals who were found to be running cryptomining software on customers’ machines in violation of the firm’s practices.

Cryptomining is the process of creating cryptocurrency units. Many of the popular cryptocurrencies are based on mathematical problems whose solutions create units of currency. CPU cycles turn into money. This process is legal, but criminal cryptominers use the power and CPU cycles of machines that they hijack to earn money.

Cryptojacking occurs when a malicious actor hijacks systems via web servers and web browsers. Malicious JavaScript is typically injected or planted into web servers so that when users visit a web page their browsers become infected, turning their computers into cryptominers.

Can you detect and protect yourself from this activity? Absolutely. Let’s start with the more passive ways to spot cryptominers on your network.

Monitor network performance

First, review the performance of systems on your network. End users might notice excessive CPU usage, changes in temperature, or faster fan speeds and report them to IT. These can be symptoms of improperly coded business applications, but they can also indicate hidden malware on systems. Set baselines for your systems so that anomalies are easier to spot.
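One way to turn that baseline into a check, as an added example that is not part of the original article: each host's CPU history is summarized as a median and median absolute deviation, and a host is flagged only when recent samples stay above its own threshold for several consecutive readings. The host names, sample values, the tuning parameters (`k`, `min_run`, `floor`, `cap`) and the choice to require a sustained run rather than a single spike are all assumptions made for illustration.

```python
from statistics import median

# Constructed sample data: CPU-percent readings per host (hypothetical names).
HISTORY = {
    "ws-014":   [8, 12, 10, 9, 15, 11, 10, 13, 9, 12],
    "build-02": [70, 85, 90, 65, 80, 88, 75, 92, 78, 83],
    "ws-027":   [6, 9, 7, 8, 10, 7, 6, 9, 8, 7],
}
CURRENT = {
    "ws-014":   [11, 9, 95, 14, 10, 12, 9, 11],     # one short spike
    "build-02": [88, 91, 84, 90, 86, 93, 89, 87],   # busy, but normal for it
    "ws-027":   [9, 96, 97, 98, 97, 99, 98, 97],    # pinned near 100%
}

def build_baseline(samples):
    """Return (median, MAD) of a host's historical CPU readings."""
    med = median(samples)
    mad = median(abs(s - med) for s in samples)
    return med, mad

def sustained_anomaly(baseline, recent, k=5.0, min_run=6, floor=5.0, cap=95.0):
    """True if `recent` has min_run consecutive readings above the threshold.

    threshold = median + k * max(MAD, floor), limited to `cap`.
    `floor` stops a very flat baseline from flagging trivial noise;
    `cap` keeps the threshold reachable on hosts that are normally busy.
    """
    med, mad = baseline
    threshold = min(med + k * max(mad, floor), cap)
    run = 0
    for value in recent:
        run = run + 1 if value > threshold else 0
        if run >= min_run:
            return True
    return False

def flag_hosts(history, current, **tuning):
    """Return the sorted names of hosts whose recent CPU use is anomalous."""
    return sorted(
        host for host, recent in current.items()
        if host in history
        and sustained_anomaly(build_baseline(history[host]), recent, **tuning)
    )

if __name__ == "__main__":
    print("Hosts to investigate:", flag_hosts(HISTORY, CURRENT))
```

A flagged host is a lead for investigation, not proof of a miner, since a misbehaving business application produces the same signal.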
