Category Archives: Cryptojacking

Google Play and Microsoft Stores Delete Suspected Compromised Apps

Recently, Google Play Store and Microsoft Store both deleted multiple applications from their online stores, because the apps were malicious. Google deleted a total of 29 beauty camera apps from its Play Store, most of which show users pornographic contents or send them to phishing websites. The malicious beauty camera apps, discovered by Trend Micro, looked legitimate, but once installed did their dirty work and were difficult to uninstall.

 

Meanwhile, Microsoft Store also deleted eight cryptojacking apps, which included Fast-search Lite, FastTube, and Clean Master, among others. When downloaded and installed, the apps activated the Google Tag Manager in their domain servers, which then triggered the cryptomining scripts. Cryptojacking is a type of malicious activity that uses someone else’s device for illegally mining cryptocurrency—in this case, your device, if you installed one or more of these apps.

With reports like these of malicious and fraudulent apps being posted on different online stores, users need to make sure their Android and Windows devices are secured from such threats. While Google and Microsoft do their best to guard against such apps, users shouldn’t take for granted that even official stores are completely clean of them.

The solution is to install app protection on your devices. Trend Micro Mobile Security for Android  is a leading security product that protects your mobile device against loss, data theft, and viruses. It proactively scans apps you wish to install from the Google Play Store and tells you if they’re safe. You can also manually scan apps already installed and delete them if they’re found to be malicious.

Similarly, Trend Micro Security (TMS) will protect you from malicious or infected apps on Windows machines. Apps downloaded from Microsoft Store are scanned by TMS on disk for malicious code or infections, during the installation process, and upon execution. Any malicious files in such apps are deleted from your device.

Go to Trend Micro Security for Home for more information on our endpoint security solutions, or to buy Trend Micro Security products for your desktop and mobile devices.

The post Google Play and Microsoft Stores Delete Suspected Compromised Apps appeared first on .

Quick Heal Threat Report – Cryptojacking rising but Ransomware still #1 threat for consumers

In wake of the growing incidences of targeted cyber-attacks on enterprises using Cryptojacking, due to its ease of deployment and instant return on investments; it rather comes as a surprise that malware authors are still counting on Ransomware for targeting consumers and home users. Yes, you heard it right! According…

Cryptojacking Up 4,000% How You Can Block the Bad Guys

Cryptojacking RisingThink about it: In the course of your everyday activities — like grocery shopping or riding public transportation — the human body comes in contact with an infinite number of germs. In much the same way, as we go about our digital routines — like shopping, browsing, or watching videos — our devices can also pick up countless, undetectable malware or javascript that can infect our devices.

Which is why it’s possible that hackers may be using malware or script to siphon power from your computer — power they desperately need to fuel their cryptocurrency mining business.

What’s Cryptocurrency?

Whoa, let’s back up. What’s cryptocurrency and why would people rip off other people’s computer power to get it? Cryptocurrencies are virtual coins that have a real monetary value attached to them. Each crypto transaction is verified and added to the public ledger (also called a blockchain). The single public ledger can’t be changed without fulfilling certain conditions. These transactions are compiled by cryptocurrency miners who compete with one another by solving the complex mathematical equations attached to the exchange. Their reward for solving the equation is bitcoin, which in the crypto world can equal thousands of dollars.

Power Surge

Cryptojacking RisingHere’s the catch: To solve these complex equations and get to crypto gold, crypto miners need a lot more hardware power than the average user possesses. So, inserting malicious code into websites, apps, and ads — and hoping you click — allows malicious crypto miners to siphon power from other people’s computers without their consent.

While mining cryptocurrency can often be a harmless hobby when malware or site code is attached to drain unsuspecting users CPU power, it’s considered cryptojacking, and it’s becoming more common.

Are you feeling a bit vulnerable? You aren’t alone. According to the most recent McAfee Labs Threats Report, cryptojacking has grown more than 4,000% in the past year.

Have you been hit?

One sign that you’ve been affected is that your computer or smartphone may slow down or have more glitches than normal. Crypto mining code runs quietly in the background while you go about your everyday work or browsing and it can go undetected for a long time.

How to prevent cryptojacking

Be proactive. Your first line of defense against a malware attack is to use a comprehensive security solution on your family computers and to keep that software updated.

Cryptojacking Blocker. This new McAfee product zeroes in on the cryptojacking threat and helps prevent websites from mining for cryptocurrency (see graphic below). Cryptojacking Blocker is included in all McAfee suites that include McAfee WebAdvisor. Users can update their existing WebAdvisor software to get Cryptojacking Blocker or download WebAdvisor for free.

Cryptojacking Rising

Discuss it with your family. Cryptojacking is a wild concept to explain or discuss at the dinner table, but kids need to fully understand the digital landscape and their responsibility in it. Discuss their role in helping to keep the family safe online and the motives of the bad guys who are always lurking in the background.

Smart clicks. One way illicit crypto miners get to your PC is through malicious links sent in legitimate-looking emails. Be aware of this scam (and many others) and think before you click on any links sent via email.

Stick with the legit. If a website, an app, or pop-up looks suspicious, it could contain malware or javascript that instantly starts working (mining power) when you load a compromised web page. Stick with reputable sites and apps and be extra cautious with how you interact with pop-ups.

Install updates immediately. Be sure to keep all your system software up-to-date when alerted to do so. This will help close any security gaps that hackers can exploit.

Strong passwords. These little combinations are critical to your family’s digital safety and can’t be ignored. Create unique passwords for different accounts and be sure to change out those passwords periodically.

To stay on top of the latest consumer and security threats that could impact your family, be sure to listen to our podcast Hackable? And, like us on Facebook.

The post Cryptojacking Up 4,000% How You Can Block the Bad Guys appeared first on McAfee Blogs.