Unauthorised cryptocurrency mining

CERT Australia is aware of an increase in cryptocurrency mining (cryptomining) malware, used to exploit the processing power of systems globally.

The most recent campaign exploited a plugin called Browsealoud which is an assistive technology tool that adds text-to-speech functionality to websites. More than 4000 businesses using the plugin were affected.

Cryptomining explained

Cryptomining software uses a system's processing power to solve complex mathematical problems, which verify existing digital currency transactions. The relevant cryptocurrency is then given as payment for the service. Cryptominers are essentially digital currency auditors.

Cryptomining is an important part of how digital currencies work. Without this step, there is nothing that ensures someone isn't using the same money twice.

Cybercriminals use malware to harness the power of multiple systems to generate greater profits.

Unauthorised cryptomining can have a significant impact on businesses as the resources required by cryptocurrency miners can easily consume the operating power of entire servers. Businesses infected with cryptomining malware may experience a reduction in the processing capacity of their systems.

Some cryptocurrency malware has been designed to consume a limited amount of system resources to avoid detection, while others use all available resources. Cybercriminals have even been observed to automatically disable processes on compromised servers to allow for even greater cryptomining capacity.

Recommendation

Businesses can combat cryptomining malware through good cyber security hygiene. The Australian Signals Directorate's Strategies to Mitigate Cyber Security Incidents helps you defend your company against cryptomining and other malware threats.