Good news, everyone: Ransomware declining. Bad news: Miscreants are turning to crypto-mining on infected PCs For the past few years, ransomware has been a bane of computer users. These software nasties infect PCs, scramble files, and demand payment in cryptocurrency to restore the documents. Those cryptocurrencies are a right faff to get hold of and transfer to miscreants at short notice. And there's no guarantee crooks will hand …
no app/script available
"The only sign that a miner is installed is an increased CPU load on the infected machine"
Surely also if you looked at which process was causing the increased load you'd find a file that wasnt supposed to be there? On most servers this would be a process associated with its job, eg sqlservr.exe
Dosent malwarebytes (or other av) pick these things up? It seems to be able to pick up all sorts of other nasties that look much harder to detect . Its a mining operation! its noisy!
> but adds up to $31,000 a year, tax free.
What makes it tax free? My tax form (and I expect most other countries too). Have a box for "Other income - including tips, cash payments and profits of illegal enterprise"
Now I realise that many may not bother to pay, but that isn't quite the same as tax free.... is it? In any case in some parts the wrath of The Revenue is worse, and harder to avoid than the local law enforcement.
Mind, in Poland years ago the government decided against taxing the proceeds of prostitution precisely on the basis that it wasn't a legal activity in the land.
Suddenly lots of people started reporting a significant part of their income as being the proceeds of carnal exchange, something the tax office found unlikely (many of these were middle-aged male architects, lawyers and so on) so they started asking for customer lists as proof that your revenue did in fact come from an illegal activity.
I recently got a nice email that said that the people sending it have my keylogging and know that I have surfed porn. They won't tell if I send some bitcoin.
Thankfully I just ignored it as I knew it was untrue. On the other hand I suspect there are people out there who have fallen for it. At least there are no infections to deal with. Of course given the amount of infected email I come across (and ignore), it is but a small blessing.
"Miscreants can configure their malware to send back mined coins daily, but that increases the chance of detection"
That's a pretty odd configuration.
None of my miners collect the actual coins themselves. They are all mined to either a wallet address or to an account in a mining pool. Mining them to a local wallet just seems like asking for trouble even on your own system, let alone that you've gained illicit access to.
Using NiceHash miner seems a wee bit daft too, even ignoring screwing up the config. It's not exactl subtle software, and if you've got a GPU attached it will mine on that too. Which will generally be noticeable if only by fan noise.
This post has been deleted by its author
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
