Home Security Cryptojacking a growing malware threat for cryptocurrencies: report

Cyber criminals have come up with new malware sent in emails to attack cryptocurrencies like bitcoin, litecoin and ethereum.

According to email security firm MailGuard, the new “malware pandemic” is a devious technique criminals have come up with to use malware to mine cryptocurrency on hijacked machines.

In a blog on the MailWatch website, the company's blog editor Emmanuel Marshall says that recently, with the surges in cryptocurrency value, the new malware has appeared.

“When cryptojacking malware first started to appear, it was generally found embedded in web pages and infected victim’s devices when they browsed a compromised site,” Marshall notes.

But, he says that as the threat has evolved, “scammers have found new ways to implant their malware, and now cryptojacking attacks often start with a malicious email”.

“The victim will get a message in their inbox with some sort of link to a file or Web page infected with the cryptojacking malware. Malicious emails are usually designed to look harmless; cybercriminals try to make their scam messages appear to be from a large company or government organisation that has a trustworthy reputation. Think of parcel delivery scams from DHL, fake online shopping notices from eBay, or fraudulent notifications from your government tax office.”

According to Marshall, most victims of cryptojacking malware attacks don’t even know their machine has been infected.

He says the malware works in the background, mining cryptocurrency and delivering it to the criminals without the victim’s knowledge, and the only side-effect of the malware infection “will be a dip in device performance because of the extra work the processor is doing”.

Marshal says that cybercriminals use cryptojacking attacks to take control of all kinds of devices.

“Recently there has been a big increase in cryptojacking attacks aimed at phones. A 2018 report found that cryptojacking attacks on Android devices had increased by a staggering 4000% in the first three months of this year.

“Although an individual phone doesn’t yield much processor power on its own, criminals can build a botnet of infected devices and make them work together. In this way, they can harness vast processor resources across a network of infected machines, stealing a small amount of bandwidth from each device.”

Marshall says a newly discovered cryptojacking malware — called WinstarNssmMiner — has the built-in ability to crash victim’s computers if they attempt to remove it.

And he says researchers have just announced they have identified WinstarNssmMiner in half a million cryptojacking attacks occurring over a three-day period.

“The recent growth in the cryptocurrency market will likely create even more incentive for criminals to perpetrate cryptojacking scams. Cyber criminals use simple scam emails to infiltrate organisations with malware and attack them from the inside,” Marshsall says.

“To avoid becoming a victim, it’s a good idea to familiarise yourself with the most common elements of the email scams used to deliver cryptojacking malware.

“All criminals need to break into your business is a cleverly worded email. If they can trick one person in your company into clicking on a malicious link they can gain access to your data.”


With 50+ Speakers, 300+ senior data and analytics executives, over 3 exciting days you will indulge in all things data and analytics before leaving with strategic takeaways that will catapult you ahead on your journey

· CDAO Sydney is designed to bring together senior executives in data and analytics from progressive organisations
· Improve operations and services
· Future proof your organisation in this rapidly changing technological landscape
· CDAO Sydney 2-4 April 2019
· Don’t miss out! Register Today!
· Want to find out more? Download the Agenda



Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips


Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).


Popular News




Sponsored News