The Tricky Task of Separating the Legitimate from the Illegal Use of Crypto Mining

DOTMAGAZINE: What is crypto mining?

RALF BENZMUELLER: Crypto mining is the process of solving complex computational tasks that are needed to carry out transactions with crypto currencies. The reward is usually paid in coins of the respective crypto currency

For single computers that hardly pays off. But if an attacker has access to all infected machines in a botnet, or gets access to a cloud server farm, this becomes profitable. If attackers control a web server, they can integrate JavaScript code that starts the mining process and keeps it running as long as the visitor stays on the website and sometimes even longer. This is referred to as “crypto jacking” or “drive-by-mining”.

DOT: Are there also legal and legitimate use cases?

BENZMUELLER: Mining on websites is a nice example of how tricky it is to tell the difference between the legal, legitimate, and illegal use of crypto mining. If a visitor is aware of the mining and has given his or her consent, this can be considered legal. But in the majority of cases the mining process is running in the background and the visitor neither knows about it nor gave their consent. In this case it may be considered illegal. Cases where a visitor is informed about the mining, but has no way to stop it or control it, may be considered borderline illegitimate cases. 

DOT: Is transparent use of crypto mining really a practical possibility for financing online offers?

BENZMUELLER: Usually web portals and apps are financed by ads. But there are alternatives, and crypto mining is a new way to monetize web services and apps. The amount of money you can make depends mainly on the number of visitors/users and the time they spend on the site/app. Small portals where people stay just a few minutes may just generate a few Euros per month. But popular offers where people stay for a while may generate 20% or more of the advertising revenue. Crypto mining will not replace ads, but it may become an additional source of income.

DOT: How will legitimate use cases function in conjunction with anti-virus software? Will anti-virus software end up blocking all crypto mining, including the legitimate cases?

BENZMUELLER: Currently it is still possible to automatically tell criminal crypto jacking from legal uses of crypto mining. If more websites adopt this payment opportunity, the effort for AV vendors to make an appropriate decision may increase. This is similar to adware and Potentially Unwanted Programs (PUP). There is a long history of handling PUPs and adware. The companies behind these are already demanding more attention than other malware. So in future, Drive-By-Mining sites may demand an increased effort, too.

DOT: How do you expect the crypto mining scene to develop over the next couple of years?

BENZMUELLER: This is hard to say. The field of crypto currencies is so unpredictable. But if legal crypto mining is adopted, I hope that these adopters will stick to a set of fair rules of play, like those we have outlined in the whitepaper “Legitimate Use of Crypto Mining”, which make sure that visitors know about the activity, can control it, and are not deceived. 

DOT: Can you tell us something about your work at GDATA?

BENZMUELLER: In the G DATA SecurityLabs, I was responsible for the research and development of proactive detection technologies and the design of the automated malware analysis systems. In my current position, I’m responsible for research cooperation, technology partnerships, and malware information.

G DATA SecurityLabs was established in Bochum in 2004 under the leadership of Ralf Benzmüller. There, he was responsible for the development of efficient analytical procedures and the integration of proactive protection technologies against malware threats. Ralf Benzmüller is the author of many specialist articles on online threats. He is, among other things, a member of the BSI Expert Circle for Cyber Security and of the the eco Competence Group Security, and teaches at several third-level institutions.