The new trend in digital crimes is to install virtual coin miners on others' PCs. The practice has increased by 44.5% worldwide since the end of 2017 and has surpassed the ransomware attacks (in which the thief hijacks the computer and calls for ransom), which were at the top of the ranking last year.
This type of scam draws attention when compared to the La Casa de Papel series. As in the production of Netflix, the proposal of mining Bitcoin or other cryptocurrencies is not to steal money, but to manufacture coins, in this case, virtual ones, with third party resources – PCs, cell phones, routers and even IoT devices. used.
READ: How to block websites that use your PC to mine bitcoin or monero
The analogy between the new scam (also called cryptojacking) and the assault that serves as a background for the series was Kaspersky Lab security analyst Santiago Pontiroli. dnetc spoke with the expert during the 8th Conference of Security Analysts for Latin America, which took place in Panama, last week. Understand what the new type of attack and the success series have in common.
La Casa de Papel compared to cryptocurrency mining Photo: Divulgao
Want to buy cell phones, TV and other discounted products? Meet Compare dnetc
La Casa de Papel and the Bitcoins
La Casa de Papel is the most watched non-English language series in Netflix's history, according to the streaming service. The series shows in an emotional way what would be the "perfect theft" from the point of view of charismatic thieves with city names (Berlin, Tokyo, Rio, Nairobi Denver, Moscow, Helsinki and Oslo).
The plot shows a Spanish Mint assault. Commanded by the Professor, the group of eight people invades the site with the aim of printing their own money, about 2.4 billion euros. They stay in the building for a few days with 67 hostages, while the police do everything they can to get them. One of the differentials of the series for other productions about great robberies is the fact that the protagonists believe that nobody will be stolen.
In the case of Bitcoins, the manufacture of virtual money is done through complex mathematical operations. In theory, anyone can make coins. What makes the process difficult is that it requires a lot of computer capacity and uses a lot of energy. Therefore, malicious miners invade the computer of several users, making hostage machines, and use their resources to generate coins. All of this without the equipment owner knowing about it.
When a PC infected by a miner, all of its processing capacity goes into the execution of this task, overloading the processor and the video card any similarity to the character Nairobi, just coincidence: I want the machines working 24 hours, as if it were a techno rave. !", she says.
In series, Nairobi is responsible for counterfeiting machines. Photo: Divulgao
The computer becomes part of a network of thousands of machines, generating money that goes into the hacker's pocket. The device can be slower, leaves other important operations in the background and also consumes much more energy. The damage can be seen in the electricity bill. No wonder that mining grows more in countries like Venezuela and Bolvia, where electric energy is cheaper and the victim can pay the bill a little more expensive without suspicion.
When it comes to the invasion of cell phones, there are reports of devices that have even distorted the demand for energy and processing caused by the installed miner. Other devices can be used. Recently, an attack like this infected 200,000 routers worldwide, 72,000 of them in Brazil.
Companies and data centers, with their enormous capacity, are also on the list. Corporate environments and data centers have almost unlimited resources and are easy prey for miners. They take advantage of exposed vulnerabilities and even legitimate system tools. Critominers are following the same path as ransomware: first home users, then business users, explains Pontiroli, recalling the WannaCry case, in which, although the security update was already available, many companies had not updated it.
The transaction to generate virtual currencies is done in Blockchains and is anonymous by default Photo: Divulgao
Miners can operate mainly in three ways. The oldest is through the installation of a malicious program. The miner can come with any other file downloaded from the Internet and run in secret. Another possibility, which has become more common, is the use of websites that, once opened by users, execute a script in the browser and already begin to explore the PC's resources. In this situation, nothing is downloaded to the PC.
In other cases, a mobile application may be to blame. Santiago explains that, in general, malicious apps really do their job: watching the football game, for example. But, once installed, they require administrator permissions and send out a lot of notifications. They are even capable of physically damaging the device, destroying the battery, by using the full potential of the cell phone.
The numbers indicate yes. In 2013, 205,000 users were attacked by cryptomineers. In 2016, there were almost 2 million victims. In 2017, the targets reached 2.7 million. As the value of virtual money increases, so does the number of people interested in it.
According to Pontiroli, it is estimated that the bandits can at least reach US $ 30 thousand per month with this type of scam (about R $ 116 thousand). For them, the risk is low. Unlike ransomware, cryptojacking is discreet. If in the case of PC hijacking there is a risk that the police will be able to track down the culprit, the Bitcoin miner, on the other hand, is able to stay hidden for a long time. This is probably why the number of ransomware attacks dropped by 30% while cryptominer attacks increased by 44.5% in 2017.
Website shows updated bitcoin market value Photo: Reproduo / Real Time Bitcoin
Pontirolli even believes that the chance of being found is minimal, since transactions use Blockchain technology: it is very difficult to track this type of attack because they are encrypted operations, totally anonymous by default. In addition, it would be necessary to join forces between private companies and the government – and today they have greater concerns than that, he laments.
The discussion around cryptocurrency mining is complex. For Pontiroli, it is almost philosophical, since scammers are not stealing Bitcoins from anyone: the most complicated part that is still not considered illegal, such as ransomware or the theft of bank credentials. The money they manage to produce was never yours.
The issue, then, is the irregular use of third party resources to generate wealth, without them having any power over the process. They use the victim's device, the victim's energy, but the money doesn't go to the victim, but to the criminals. Miners are not necessarily malicious applications. But when the user is unaware of his presence, we encounter a problem, says the security analyst.
In La Casa de Papel, the Professor and his gang believe that no one will be stolen Photo: Divulgao
In La casa de Papel, there is an emblematic scene, in which the Professor explains to the Inspector of Police Raquel Murillo his moral justification for invading the Central Bank:
You learned to see everything in terms of good or bad, but that's what we're doing, I know you wouldn't mind if it was done by others. In 2011, the European Central Bank made 171 billion euros out of nowhere. We are doing the same, only in style. 185 billion in 2012, 145 billion in 2013. Do you know where all that money went? In banks, directly from the factory for the wealthier. Did anyone say that the European Central Bank was a thief? Injection of liquidity they called. And they took it out of nowhere * the Professor takes a euro bill and tears it in front of Raquel * What is that? Nothing here. That role. I'm doing a liquidity injection.
Although the criminals of La Casa de Papel consider themselves resistance or Robin Woods, by injecting more money into the economy in an improper way, in fact, with inflation, they must have taken away the purchasing power of the population. That the series does not show.
In the production of Netflix, the fact that the group is not directly stealing money has meant that public opinion did not consider them as villains. In real life, many viewers not only considered them the heroes of history, but also rooted for the group's success even knowing the crimes they committed during the assault, such as assault and rape.
Characters from La Casa de Papel consider themselves "the resistance" Photo: Divulgao
La Casa de Papel does not reveal (at least, in the two seasons available so far on Netflix) how the Casa da Moeda recovered from the loss, if taxes increased in Spain, how inflation was and if the population, in the end, had to bear the consequences of the theft.
In the case of cryptocurrency mining, users quickly learn the end of the story. For the victims, the costs can be high and arrive more precisely, at the end of the month, with the electricity bill or when the phone data plan is burst.
If you don't consider it nice to use your devices to mine Bitcoins, Monero, Ethereum, Litecoin or other species and you are not interested in helping them, know that identifying the presence of a miner can be less complicated than it seems. When entering the Internet, does your PC make more noise than usual? This can be a sign, just like the cell phone battery running out very fast.
It is quite easy to notice that something is wrong with your device. These malware consume the device's resources to the point of saturating them. To do this, you need to monitor your PC or smartphone (data consumption, battery, permissions). In addition, install a blocker script in your browser, keep the operating system up to date and use legitimate software instead of pirates, says Pontiroli.
Another important tip is to disable the installation of apps that are not only from official stores and only download programs from trusted sources, such as Google Play Store, App Store, Windows Store. Having a reliable security solution (an antivirus) that will know what's going on with your browser and the programs installed on your device is also a good request.
Now, if you consider mining Bitcoin on other people's PCs as an act of resistance as well as showing pertinent criticism of capitalism in series, there is only one thing to say: "bella ciao, bella ciao, bella ciao, cia, ciao!"