Using your office computer for personal use is one thing, but what about installing a cryptocurrency miner? Well, some employees might be doing just that.
In recent months, Microsoft has noticed a number of enterprise systems running coin mining software. One might think that hackers were behind the scheme, but Microsoft found that none of the systems were compromised. Instead, someone—likely an employee—decided to install a coin miner on the enterprise system and reap the rewards, the software giant said in a Tuesday blog post.
In January, Microsoft noticed over 1,800 enterprise machines running legitimate, but potentially unwanted coin mining software, up from just a few hundred systems that Microsoft encountered in October.
But it’s also no surprise. The value of many cryptocurrencies has ballooned over the past year. In particular, one virtual currency known as Monero can be mined simply by harnessing the CPU power of your computer.
However, generating some digital coin can drag down the machine’s performance, which can become problematic when those systems run critical business processes, Microsoft said.
The company hasn’t been the only security provider to report the issue. In January, Cisco’s Talos group also said it noticed a “large number” of enterprise users running coin mining software on their computers, possibly for their own personal gain.
Both companies said this mining can be trickier to block, since it’s technically sanctioned by the employee. Nevertheless, businesses should be mindful of the potential costs, especially if the trend catches on. Microsoft warned that the employee-sponsored cryptocurrency mining may “exponentially” spread to more computers, which can run up an electricity bill.
To stop the activities, Microsoft’s Windows Defender can block potentially unwanted programs, including coin miners. But the threat isn’t merely limited to employees. The ongoing cryptocurrency craze has also sparked a rise in Trojan malware that can deliver coin miners, too. On average, about 688,000 unique computers will encounter it, according to Microsoft’s latest stats.
Hackers appear to be moving from ransomware to covert cryptocurrency miners, the company added. “These developments indicate widespread cybercriminal interest in coin mining, with various attackers and cybercriminal groups launching attacks,” Microsoft said.
Last week, the company’s antivirus software stopped an outbreak of coin mining malware in Russia. Apparently, the malicious software may have have arrived as Trojans from file-sharing and internet download programs.