Unfortunately, there are many scammers on the Internet who are trying to steal money or confidential information. With the advent of cryptocurrencies, a new object for theft has appeared - computing power. In other words, attackers have learned to mine cryptocurrencies at someone else’s expense. Let's figure out how to deal with this and protect ourselves.

What is hidden mining. Principle of operation

Hidden mining is the use of computing equipment without the knowledge and consent of its owner for the purpose of mining cryptocurrencies. This mainly uses the resources of the processor, GPU, and hard disk space. The result is a constant load on these components, their accelerated wear and increased energy costs.

It works like this:

  1. Software is quietly installed on the victim's equipment.

  2. The program mines in the background.

  3. The coins earned by mining are, of course, sent to the attacker’s wallet.

Hidden mining can also be present on websites - when you go to the page, mining begins unnoticed by the user. This is one of the reasons not to follow suspicious links. In general, hidden mining can be classified as a type of virus. You need to know how to prevent infection.

How scammers manage to hide mining

The simplest and most common way is to run the software in the background, similar to service processes. Most users will not notice that anything has changed and may suspect something is wrong only by indirect signs, such as slow operation and freezing of the computer.

More advanced programs pause when the user opens the task manager or otherwise attempts to detect its activity. There are many options - it is also possible to embed the miner into other applications so that it seems that they are consuming so many resources.

How does infection by a hidden miner occur?

If an unscrupulous person has access to equipment in real life, then he, of course, can install a miner this way. But more often, infection occurs via the Internet. Here are the main options:

  • Vulnerabilities in the operating system or installed software. Special exploits secretly control hardware and install unauthorized software.

  • Distribution through installers of pirated programs downloaded from the Internet.

  • Infection through malicious websites.

Illegal and half-legal sites are the main route for the spread of hidden mining. You should not visit unknown resources of this kind, no matter how tempting they are - free cheese only comes in a mousetrap.

How to safely check your computer for hidden mining

The simplest thing is to open the task manager and look at the load level of the central processor, memory, hard drive, GPU, and network activity. If any processes consume an abnormally large amount of resources, study them in more detail - what kind of processes they are, what folder they are running from, what addresses on the network they connect to. We recommend the Process Monitor utility from Microsoft. You should also check which programs are in startup.

A high-quality antivirus with fresh databases is an absolute must-have. Most likely, it will detect and block the hidden miner at the stage of its penetration into the computer. However, there is more cunning software that is automatically included in exceptions, and therefore the antivirus does not respond to it.

You can do this: boot the operating system from clean media; check it with a good antivirus. Ideally, do this regularly if you want to minimize risks.

Several signs that may indicate an infection:

  • Severe slowdown in PC operation and opening web pages in the browser, stuttering in games and watching videos.

  • Noticeable overheating of the equipment, constant operation of fans at full power.

  • Disappearance of a significant part of the disk space to an unknown location. Constant drive activity.

  • Even when you are not using the Internet, network activity is observed, including the sending of data.

  • When you turn on the computer, some windows open for a split second and immediately disappear.

If nothing helps to find the virus and get rid of it, you can reinstall the operating system.

How to prevent infection

Finally, we will give some useful tips on how to protect your computer from infection by a hidden miner. Most of them are quite obvious and, moreover, are the simplest rules of “digital hygiene” that any user must follow:

  • Install a good antivirus (Kaspersky Internet Security) and constantly update the database. Keep the firewall turned on - at least the regular system one.

  • Always have an image of a clean operating system and basic necessary software on external media in case of an emergency reinstallation.

  • Enter a list of malicious sites publicly available, for example, on Github, into the hosts file.

  • Change the local security policy secpol.msc, allowing only verified programs to run.

Protecting your computer from hidden mining is actually not difficult - you just need to be attentive and careful. However, this applies to networking in general, and not just to this danger. Preventive measures are simple and almost anyone can cope with them.