Cryptominers aren't just a headache – they're a big neon sign that Bad Things are on your network

Cryptominer malware removal is a routine piece of the cybersecurity landscape these days. Yet if criminals are hijacking your compute cycles to mine cryptocurrencies, chances are there's something worse lurking on your network too. So warned Sophos threat researcher Sean Gallagher, in a recent interview with The Register as …

  1. Anonymous Coward

    Quote "Because there were other systems on the network that we didn't have access to that had the scripts running on them... that were attempting to reinstall it." Unquote.

    If you didn't have access, how do you know what is running on said systems?

    1. Stuart Castle Silver badge

      Re: Another fear mongering advert

      They may have been able to log thousands of failed connection attempts from the IPs of those systems, depending on what mechanism is being used to install the malware.

      1. Stuart Castle Silver badge

        Re: Another fear mongering advert

        Actually, when I was a newbie at work, I spotted we had a virus infection using exactly that. Being a technician, I often needed drivers or utilities to be accessible. Because large USB sticks were expensive, and external hard drives weren't really a thing yet, I had several gigs of them in a shared folder. Read access only. One day, I noticed the machine was struggling a little bit. Seeing nothing out of the ordinary running, I unplugged the machine from the network so I could take it over to a little workbench area I had and look at it. The machine became responsive immediately, so I plugged it back in and started logging connected IPs. Sure enough, two IPs had thousands of failed connections between them. I reported those IPs to the technicians supporting the machines. Sure enough, both were infected with a virus. So, I detected there was a virus on two machines I had no access to based on how they were behaving toward my machine. That was 20 years ago. Technology has improved since then.
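The check described in the comment above (log connecting IPs, then look for sources producing bursts of failed connections), as an added example that is not part of the original thread. The log format, addresses, share name and thresholds are constructed assumptions; a sliding window is used so that a slow trickle of failures is not confused with a host hammering the share.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format (constructed): "<ISO timestamp> <source IP> <share> <OK|FAIL>"
def parse_line(line):
    ts, src, _share, result = line.split()
    return datetime.fromisoformat(ts), src, result

def noisy_sources(lines, threshold=100, window=timedelta(minutes=5)):
    """Map source IP -> peak failed connections seen inside any sliding
    window, for sources whose peak reaches the threshold."""
    recent = defaultdict(deque)   # per-source timestamps still inside the window
    peak = defaultdict(int)
    for line in lines:
        try:
            ts, src, result = parse_line(line)
        except ValueError:
            continue              # skip malformed lines instead of aborting
        if result != "FAIL":
            continue
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        peak[src] = max(peak[src], len(q))
    return {src: n for src, n in peak.items() if n >= threshold}

def build_sample_log():
    """Constructed sample data; addresses and counts are invented."""
    start = datetime(2024, 1, 1, 9, 0, 0)
    rows = ["garbage line"]
    def add(src, count, step, result):
        for i in range(count):
            rows.append(f"{(start + step * i).isoformat()} {src} drivers {result}")
    add("10.0.0.21", 300, timedelta(seconds=1), "FAIL")   # hammering host
    add("10.0.0.37", 200, timedelta(seconds=1), "FAIL")   # second hammering host
    add("10.0.0.9", 150, timedelta(minutes=10), "FAIL")   # many failures, but slow
    add("10.0.0.5", 20, timedelta(minutes=1), "OK")       # ordinary client
    return sorted(rows)           # ISO timestamps sort chronologically

if __name__ == "__main__":
    for src, n in sorted(noisy_sources(build_sample_log()).items()):
        print(f"{src}: {n} failed connections within 5 minutes")
```
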

    2. khjohansen

      Re: Another fear mongering advert

      "systems on the network that we didn't have access to" - PHB's laptop??

  2. Ninja Wabbit

