Back to School Warning Against Malicious Crypto Miners

Neil Dennis

Kaspersky Labs, the cyber security firm, has warned as students go back to schools and colleges for the new academic year that computer viruses are becoming more prevalent when downloading work and study-related materials.

The cost of textbooks and other study aids prompts many students to seek less expensive, or even free, alternatives. But malicious content can be encountered among much of this material: essays, study guides, textbooks and other sources.

This malware includes cryptomining programs that will surreptitiously mine digital assets for their owners and sap the processing power of the infected computer and possibly push up the household's electricity bills.

A study by Kaspersky of its users showed that cybercriminals targeted the field of education more 356,000 times, 233,000 of which were malicious essays.

Types of Malware

The four most popular types of malware used by cybercriminals targeting educational material were as follows:

  • 4th - MediaGet torrrent application downloader: This downloader will retrieve a torrent client - a software protocol that allows the transfer of data between computers linked to the internet without the need for a central server.
  • 3rd - WinLNK.Agent.gen downloader: As a rule these downloaders launch malicious cryptomining programs.
  • 2nd - Win32.Agent.ifdx malware downloader: Again, most commonly this type of malware downloads cryptominers, but can also download spyware and ransomware.
  • 1st - Stalk worm spamming: Stalk is dangerous because it can infect other devices on the local network or through flash drives if students save material for printing at school. The malware can download other malicious applications to the infected device and copy and send files from the computer to the malware owners.

Trans-Fee-Mining Exchanges' Market Share in Decline - Report

  • TFM exchange volume down 53% in September
  • Only 32% of crypto trading volume is TFM volume

According to the latest exchange report from CryptoCompare (September), the trade volume on “trans-fee-mining” -- or transaction fee mining (TFM) -- exchanges dropped dramatically between August and September, more than halving. The overall proportion of transaction volume in the crypto markets comprised of TFM has thus declined significantly during this period.

Overall volume by fee-typeSource: CryptoCompare

Specifically, trade volume on TFM exchanges accounted for $174 billion during September, down from $375 billion during August. The more classical taker-fee exchanges, which charge a small percentage to execute a market order, typically outdo trans-fee exchanges even if only slightly. But during September, they exchanged $358 billion, up from $355 billion in August, far out-trading TFMs.

Transaction fee mining (or “mining”) occurs when users are rewarded, rather than taxed for executing orders on an exchange. Typically, exchanges allow free trades for users posting limit orders, which are orders set at a certain price. Otherwise, if users want to buy or sell immediately at whatever the current price is, they are usually charged a small fee. The rationale here is that exchanges want as many users as possible to post orders, so that order books are nice and thick (traders like liquidity).

Trouble With Trans-Fees

The TFM exchanges go one step further by rewarding all users just for trading on their exchanges, with in-house tokens. The idea is, again, to attract more traders and thus more liquidity.

In a sense, this model is the epitome of speculation, whereby users accrue large quantities of tokens betting that they will someday be worth more. Some have claimed, however, that this incentive encourages “wash trading,” an unwelcome form of market liquidity that is actually banned in traditional, regulated markets. This is when the same entity, or colluding entities, trade back and forth with each other.

In traditional markets, this is done in order to manipulate assets’ prices and set up exploitative trades. Here, the goal would be different but the effect is still undesirable: exchanges with high transaction volume but low order book depth may result in erratic price changes on cryptoassets. CryptoGlobe tackled the question last year of whether or not this sort of trading constitutes “fake volume.”

In CryptoCompare’s June 2019 Exchange Benchmark guide (pdf available here), exchanges employing the trans-mining model were generally classified as “Lower Quality,” despite volume on such exchanges rising as a percentage of the total market at the time. It seems that the trend may be shifting again.

Featured image via Pixabay.