print   email   Share

Is Your Workstation A Cryptocurrency Mining Drone For Cybercriminals?

Hackers are using malware called Digmine to trick Facebook Messenger users into mining cryptocurrency for them.

Victims receive a file called "video_xxxx.zip" in Facebook Messenger. If they click on the file, their computer is infected with Digmine, which gives hackers control over their machine. Hackers then use their victims' CPU power to surreptitiously mine cryptocurrencies.

Digmine will slow down victims' computers. It will also target their Facebook friends by sending them a link containing the malware in Messenger.

Digmine, which was first discovered in South Korea, has already moved into South Asia and may soon invade India. It can only spread through the desktop version of Messenger when used on Google Chrome.

Facebook has worked with the cybersecurity firm that discovered Digmine to remove links containing the malware. Facebook is also providing a free anti-virus scan for any computer believed to be infected with Digmine.

Other recent cryptocurrency mining malware has targeted Android, Google Play Store, and video streaming service users. Vishal Aaditya Kundu "Beware! Cryptocurrency Malware Spreading Through Facebook Messenger!" trak.in (Dec. 27, 2017).


Commentary

Cryptocurrency is encrypted data that signifies a unit of currency. Cryptocurrencies are not issued by governments or financial institutions like physical money. There are over 700 cryptocurrencies, but Bitcoin is by far the most popular.

Cryptocurrencies are created and secured through a process called “mining.” Mining involves using a network of computers or specialized hardware to process and validate cryptocurrencies.

Cybercriminals favor cryptocurrency because it is untraceable, which is why ransomware often demands payment in bitcoin. As cryptocurrencies have gained acceptance—and value—hackers have also focused on finding ways to get users to unknowingly mine them.

Mining cryptocurrencies takes a lot of computing power. By creating malware that uses victims’ computers to do the work for them, cybercriminals reduce their own investment of time and hardware. As a result, hackers are devising more forms of cryptocurrency mining malware.

Because a device infected with mining malware suffers a considerable reduction in performance, it is important to protect your device against infection. Update your device with patches as soon as they become available, and enable your firewall and encryption.

Employers should have a frank discussion on whether workplace participants should be allowed to access Messenger or Facebook on employer devices or networks. If neither provides a work-related value, employers should consider not allowing access. 

Digmine can only target a victim’s Facebook friends if the user account is set to “log in automatically.” Disabling that feature and typing in your username and password every time you log into Facebook or Messenger will help stop Digmine from spreading.

Finally, your opinion is important to us. Please complete the opinion survey:
Username
Password

Keep me signed in

Forgot password?