Scriptordering for dummies: How to protect yourself from the hidden mining
Kryptogamen — secret mining of digital currencies in recent months, first rapidly gained popularity, and then even managed to slightly go out of fashion, returning the palm to the traditional virus— extortionists. But to relax early: this threat is still relevant. We offer to your attention translation of the article Marty Puranik, founder and CEO Atlantic.Net that shares tips on how to avoid becoming a victim of cryptogamia.
Cryptogenic is the process of unauthorized use of other people’s computers for mining cryptocurrency. It is not associated with the installation of spyware or adware software, and in this case there is theft of information from your system. Such software steals computing power for their own purposes, and not so easy to detect.
How it works
Old hackers use phishing techniques to trick users to click on links, resulting in the downloaded code for mining cryptocurrency. The most popular and effective method is the contamination of the site code that is executed when the page is loaded by the browser. However, the power of individual computers is not enough for efficient mining. That’s why hackers target cloud services.
Cryptogenic vs cloud services
Large companies — the main target for cryptogamia, because they have cloud resources. Hackers choose those cloud services that have weaknesses. Surprisingly, some don’t even need a password to log in!
Studies show that 49% of databases in the cloud are not encrypted. Using scanners, hackers search the Internet for weak cloud environment. So, they can receive the metadata from the API public clouds.
So bottom bitcoin?
No, the world’s oldest cryptocurrency better than others protected from cryptogamia. Why? Because the technology of the blockchain implements public and traceable records of all transactions. That is, the illegal mining on someone else’s equipment can easily be computed by the community. Why hackers prefer coins with high anonymity that are difficult to track, for example zcash for or Monero.
How to protect data centers from cryptogamica
There is no magic pill. The simplest answer to take care of the correct configuration of the equipment, so as not to attract cybercriminals. Enterprises should change the basic settings offered by the cloud nodes. Cloud and containers must also be configured correctly to avoid putting data at risk.
In February 2018 Tesla announced that was badly damaged by cryptogamia. In a company of this scale overrun of computing power to go undetected. Data centers who do not want to fall into that trap, must be configured so that when exceeding the expected levels of consumption of electric power and Hasrat triggered the alert. This will allow time to detect and prevent unauthorized mining.
Despite the fact that triptorelin is a relatively new phenomenon in the world of cybercrime, it quickly gained momentum because of its simplicity and relatively high yield. Enterprises that do not control their own security and do not follow the consumption, the risk of becoming victims of criminals.