Ransomware vs Cryptojacking. All About Crypto Fraud

Malicious software that affects crypto community is becoming increasingly commonplace as hackers find newer ways to gather cryptocurrencies in a dishonest way. The software becomes much more advanced and active. Skybox Security summed up the results of the first half of the year and came to the conclusion that сryptojacking is rapidly gaining popularity and has bypassed ransomware in the threat rating. We decided to talk in detail about these types of malware, to find out how they may affect us.

Cryptojacking is the process of hidden cryptocurrency mining on other people's computers, without the consent of their owners. Cryptojacking software is not a classic malware, as it does not harm the hardware or software of a device. But in the process of shadow mining scripts use a huge part of the processing resources available. They heavily loading the PC processor and its memory resulting in slowing down of the computer, increasing power consumption and heating up of the components.

Usually, mining on websites is used as an alternative to advertising banners and ads. The script uses one or two cores of the computer for mining. And in this case, the slowdown of the PC is almost not noticeable. There are even advantages in this situation. The user gets rid of annoying advertising, the website owner earns their money but unfortunately, there are also cases of abuse of this technology.

It should be noted that cryptojacking is usually used for mining of the monero token. To avoid becoming a victim of software slowing your device, you need to find the source of the threat and eliminate them.

Keep in mind that cryptojacking is possible not only on computers, but also on smartphones. If the device slowed down, and discharges faster, go to the settings tab, responsible for monitoring energy consumption of applications. If some program consumes a lot, it can be a hidden miner.

Ransomware are malicious programs that encrypt important files ask for money in order to get them decrypted. The extortion program blocks or restricts users' access to their system. This can be done by locking the screen or user files until the ransom is paid.

Ransomware is distributed in many ways. Email spam with malicious attachments is the most effective method. Cybercriminals also use other methods of distribution such as infected software, hacking sites, exploits, malicious scripts, targeted attacks, RDP attacks, server hijacking and others.

The most famous case of such a malicious program is the WannaCry virus epidemic, also known as WannaCrypt, WannaCry Decryptor, WCry and WCrypt. In just a day, the virus day struck more than 200 thousand computers. At the same time, the largest number of attacks was recorded in Russia.

WannaCry is a Trojan that encrypts files on infected computers and blocks access to data. In order regain ability to open their files, the user had to send $300-600 in bitcoins to the purse of intruders behind WannaCry. Of course, there are no guarantees of decryption and unblocking of files after payment.

Attackers also use altcoins. So, for example, Kirk virus-killing virus, which encrypts about 625 types of various files using the RSA-4096 protocol, requires payment in monero cryptocurrency.

In general, for the first time this type of virus was fixed long before cryptocurrencies came, its just that now it’s much easier to to obtain payments through them. In 1989, the malicious program AIDS Trojan spread on floppy disks during a medical conference. The virus encrypted all files on the computer's C drive and demanded to send $189 to a mailbox in Panama.

There are no universal means of combating such programs.

By Ekaterina Ulyanova