It’s not just user naivete that makes malware a threat

If you follow stories about digital security, it’s easy to get the idea that most malware works because people are gullible and easy to manipulate.

If we’re not clicking dodgy links, we’re refusing to stop using the same easy-to-guess password for everything. In 2017, a survey of leaked data revealed the most common passwords still in use; no prizes for guessing what they were.

(Yep: 123456 and password topped the list. Again.)

Thing is, this narrative can conceal the fact that you don’t have to be a rube to pick up some dodgy code online and import it into your organization’s network or your home computer.

One of the most headline-grabbing forms this has taken recently has been the use of website code injections to spread blockchain mining code to visitors’ computers.

Code injections 101

Let me translate that into English for non-tech readers:

A website code injection is when someone slips their own JavaScript into a website, so that it makes your computer do things when you visit. The problem here is that, along with HTML and CSS, JavaScript is one of the core code tools of the internet. Most websites you visit use JavaScript to make your computer do things, like show you dynamic content in the web page.

Maps, weather and a billion other widgets rely on JavaScript. Criminals love JavaScript because it’s everywhere and it doesn’t need your OK to run. As soon as you visit an infected website, boom, they’ve got you.

This code can do anything, and it doesn’t just stay on the website you’re visiting. JavaScript files are automatically downloaded from websites to your computer to let them do their job.

That means a code injection attack can turn a normal, safe website into a malware outbreak – and you don’t have to do anything wrong to be affected.
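For site owners, here is one way to spot this kind of tampering, as an added example that is not part of the original article: it lists every external script a page loads and flags any that come from an origin nobody approved, or from an approved third party without an `integrity` pin. It assumes the injection shows up as an external `<script>` tag; the function name, URLs, allowlist and sample page are all constructed for illustration.

```javascript
// Added example: audit the <script> tags in a page's HTML against an allowlist.
// Every URL and the sample page below are constructed for illustration.
function auditScripts(html, pageUrl, allowedOrigins) {
  const pageOrigin = new URL(pageUrl).origin;
  const allowed = new Set([pageOrigin, ...allowedOrigins]);
  const findings = [];
  // Regex matching keeps the sketch short; a production scanner should use a real HTML parser.
  const tagRe = /<script\b([^>]*)>/gi;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const attrs = m[1];
    const src = /(?:^|\s)src\s*=\s*["']([^"']+)["']/i.exec(attrs);
    if (!src) continue; // inline script: outside the scope of this origin check
    let url;
    try {
      url = new URL(src[1], pageUrl); // resolves relative and protocol-relative URLs
    } catch {
      findings.push({ src: src[1], reason: "unparseable src" });
      continue;
    }
    const pinned = /(?:^|\s)integrity\s*=\s*["'][^"']+["']/i.test(attrs);
    if (!allowed.has(url.origin)) {
      findings.push({ src: url.href, reason: "origin not on allowlist" });
    } else if (url.origin !== pageOrigin && !pinned) {
      findings.push({ src: url.href, reason: "third-party script without integrity attribute" });
    }
  }
  return findings;
}

// Constructed sample: one first-party script, one pinned widget, one unpinned
// widget, and one script from an origin that was never approved.
const samplePage = `
<html><head>
<script src="/js/app.js"></script>
<script src="https://maps.example.net/widget.js" integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="https://weather.example.org/w.js"></script>
<script src="//cdn.unknown.example/m.js"></script>
</head></html>`;

const report = auditScripts(samplePage, "https://shop.example.com/", [
  "https://maps.example.net",
  "https://weather.example.org",
]);
console.log(report);
```

Run against a saved copy of each published page, a new "origin not on allowlist" entry is the cue to check whether someone other than you changed the site.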

Why steal CPU time? Bitcoin

The reason you’d want to do this for a cryptocurrency is actually pretty simple: cryptocurrencies rely on ‘proof of work’ to function. It takes a certain number of CPU cycles to create each Bitcoin – a good example, since Iceland now uses more energy to mine Bitcoin than to heat homes.

This means that to create Bitcoins – each one worth around $11,000, so it’s worth a try – you need as many CPU cycles as possible. So, why not use someone else’s?

(Because it’s wrong. And illegal. But supposing you don’t care about that? No reason in the world.)

Heimdal Security identified a server associated with this activity, which was hosting websites that were spreading malicious code. The code was both stealing CPU time (basically, clogging up the computer’s ‘brain’) to mine Bitcoin, and stealing information from Bitcoin wallets if they were present.

So what can you do to protect yourself?

Protect against code injections

That’s tricky.

It starts with real-time web protection – get a serious antivirus, turn on its real-time protection and set it to scan daily. It makes good sense to back up daily too. A restore from a clean backup point is the easiest and most complete way to get clear of a malware attack.

If one does happen, stop using the affected computer, restore from a clean backup, then scan, and finally change your passwords.

Right now, that’s the best you can do to defend yourself against these specific threats.

For broader threats against your security and privacy, it’s sensible to reach for anonymity and encryption, which means using a VPN. To learn more about how a VPN can protect you online, check out our VPN functionality explained guide.

VPN Adviser