Attackers are increasingly introducing more large-scale global attacks on unknowing victims. Source: Shutterstock

Is your country on the cryptocurrency mining malware hitlist?

THAILAND has been named as the leading location where cryptocurrency mining malware is found, according to network and enterprise security firm, Palo Alto Networks.

This past year has seen a significant rise in the amount of fraudsters taking over unsuspecting computers and using these systems to mine or create new cryptocoins.

The mining malware tools used by attackers are often incredibly difficult to detect, as they are commonly combined with other techniques such as fileless methods, to cover their tracks.

According to a blogpost by Christopher Budd, Senior Threat Communications Manager at Palo Alto Networks, attackers are increasingly introducing more large-scale global attacks, and so increasing the intelligence and preventive efforts towards cryptocurrency-focused threats is paramount.

In particular, the company found that XRMig, a software used to mine the monero cryptocurrency, is used to attack the systems of unknowing victims without their consent.

Attackers are strategically using malware delivery techniques including URL shorteners to disguise XMRig as a legitimate program.

Of the top 10 countries who were globally attacked, Thailand was found to be the hotspot for the most downloads of the new malware at 3,545,437. This was followed by:

  • Vietnam: 1,830,065
  • Egypt: 1,132,863
  • Indonesia: 988,163
  • Turkey: 665,058
  • Peru: 646,985
  • Algeria: 614,870
  • Brazil: 550,053
  • The Philippines: 406,294
  • Venezuela: 400,661

The malware is said to have affected an estimated 15 million people globally, but according to the Large Scale Monero Cryptocurrency Mining Operation using XMRig Report, this figure is likely to be much higher, at an estimated 30 million.

According to the report, although monero mining campaigns are not a new development, this recent discovery of such a large-scale campaign which had gone unnoticed for ‘such a long period of time’ is not common.

Monero is a cryptocurrency similar to bitcoin but more unique in its emphasis on creating a higher level of privacy around transactions.

With over 500 million computers around the globe now mining cryptocurrency unknowingly in their browsers, it is vital to be extra cautious when visiting sites on the internet. Many anti-malware sites, such as Malwarebytes, automatically block cryptocurrency miners on the web pages you visit.