Earlier this week, the Monero community (XMR) announced the launch of a new website aimed at educating users to clean up malware and ransomware from encryption.
Facilitate the confusion and frustration of malware victims
Monero's ease of extraction and privacy are distinctive features for the currency. However, features attract bad actors who use money in malware.
Justin Ehrenhofer, director of the Malware Response Workgroup, told CCN that two major factors make XMR attractive to hackers:
"The attackers like Monero for two reasons: 1) is private, so they do not have to worry about the companies and the forces of the order by tracing what they do with the Monero after having extracted it, and 2) Monero uses a Proof of Work (PoW ) algorithm that is compatible with CPU and GPU, therefore, the infected machines are competitive.These two components are increasingly important factors for why the attackers choose to extract Monero compared to other cryptocurrencies. "
The ability to use cryptocurrency in malware is not exclusive to Monero. Bitcoins and other digital currencies have been used in the same attacks described above, but XMR has privacy features that make it stand out.
When asked about what led to the creation of the working group, Ehrenhofer said: "We have created this working group to help the victims of these mining / ransomware attacks, which often have no idea what Monero, mining and cryptocurrencies are. The increase in prevalence of Monero – related malware led to the formation of the working group ".
The new Malware Response website tries to inform visitors about ways to prevent and remove malware. As stated, it is expected that visitors will land on the site frustrated and looking for answers, since most do not understand what is happening.
In addition to finding out if XMR-based malware is running on your computer, the site includes remedies for the three types of attacks used: browser-based mining scripts, system / PC based malware and ransomware.
Cleaning unwanted Cryptojacking scripts
Scripts to extract Monero in the browser are occasionally used as an opt-in service as a means of allowing visitors to fund websites. As reported by CCN, Slate.com has briefly added the extraction via cryptography as an option for visitors instead of ads. If readers had opted for the option, their browsers would take advantage of XMR with the resources of their computers while they were browsing the site.
However, hackers can also inject mining scripts into vulnerable sites without the webmaster or visitors knowing about it, known as "cryptojacking". As reported by CCN, McAfee labs reported that cryptojacking increased by 86% in the second quarter of 2018. Additionally, for 2018 so far, illegal cryptojacking has reached 459%, mainly due to losses from NSA hacking. The criminals then used these tools to infect computers with malware.
As the NSA (and Microsoft) have already admitted guilt for the mistake, one would think that they would be the entities that create an educational site like that of Monero.
The Monero community is firmly against malware
Because cryptographic attacks are new to webmasters / Internet users and sometimes sophisticated, education is a key role in the rapid discovery and response to security breaches.
The technology and the Monero community do not tolerate any malevolent activity in which Monero is used, as Ehrenhofer has made clear.
"Monero and the community are not attacking computers, but computers are attacked with some vulnerability and the attacker decides to run mining software on compromised machines," he said.
Images from Shutterstock
Follow us on Telegram or subscribe to our newsletter here.
• Join the CCN crypto community for $ 9.99 a month, click here.
• Do you want exclusive analysis and in-depth analysis encrypted by Hacked.com? Click here.
• Open positions on CCN: sought-after full-time and part-time journalists.