Security

How a malicious USB could lead to a years-long cryptomining infection on your PC

Despite their ubiquity, USB devices remain a critical cybersecurity threat.

Since 2015, at least, USB devices have been used to spread cryptocurrency mining software, according to a Tuesday report from Kaspersky Lab. And due to their hidden nature, some victims could have been carrying a malicious cryptominer around for years without knowing it.

Cryptomining malware works by hiding in your PC and commandeering your processing power to mine cryptocurrency for hackers. Essentially, these tools use your computer's power to make money for the bad guys. And, if you aren't careful, these infections can stick around for a long time. For more information on how to detect and prevent cryptomining malware, check out this TechRepublic article.

The most popular bitcoin miner, Trojan.Win64.Miner.all, continues to spread. For all removable media infection in 2018, 9.22% were targeted with this malware. That number is up from 6.7% in 2017, the report said.

Other top threats associated with USBs and other removable media include the Windows LNK family of Trojans, the 2010 Stuxnet exploit (CVE-2010-2568), and the Dark Tequila banking malware, the report said. Emerging markets in Asia, Africa, and South America were highly-targeted, but these kind of attacks were also found in Europe and North America.

One of the main issues with USBs is that they've been around so long, many people don't understand them as a threat vector. Or, they really want to see what's on a given device.

SEE: Information security policy (Tech Pro Research)

"In 2016, researchers from the University of Illinois left 297 unlabelled USB flash drives around the university campus to see what would happen," the report said. "98% of the dropped drives were picked up by staff and students, and at least half were plugged into a computer in order to view the content. For a hacker trying to infect a computer network, those are pretty irresistible odds."

Public charging stations for smartphones often include just a USB port for which one can connect their charging cable, but these are dangerous as well. In fact, companies have started selling USB " condoms" that only enable charging, while prohibiting data transfer.

"USB drives offer many advantages: they are compact and handy, and a great brand asset, but the devices themselves, the data stored on them and the computers they are plugged into are all potentially vulnerable to cyberthreats if left unprotected," the report said.

For USB users, the report recommends being extra careful about what devices you allow to connect to your computer. The report also suggested only purchasing USB devices from trusted brands, and encrypting the data on the USB device as well. Also, implement a security solution that will check removable media for malicious software.

The big takeaways for tech leaders:

  • Cryptomining malware is increasingly being delivered through USB devices and other removable media, and the infections can go unnoticed for years. — Kaspersky Lab, 2018
  • 9.22% of all removable media attacks contained the Trojan.Win64.Miner.all malware. — Kaspersky Lab, 2018

Also see

mining.jpg
Image: iStockphoto/Nuthawut Somsuk

About Conner Forrest

Conner Forrest is a Senior Editor for TechRepublic. He covers enterprise technology and is interested in the convergence of tech and culture.

Editor's Picks

Free Newsletters, In your Inbox