Criminals could be secretly mining cryptocurrency on your computer, especially if you live in Asia Pacific: Microsoft study


As the value of virtual currencies rises, cyber-criminals are also increasingly turning to cryptocurrency mining for a quick buck – and if you live in the Asia Pacific (Apac), your chances of encountering such an attack are higher than the global average, tech giant Microsoft has found.

According to a report by the American firm, from January to December 2018, the cryptocurrency mining malware encounter rate in Asia Pacific was nearly 1.2 times (17 per cent) higher than the global average.

In particular, India, Sri Lanka and Indonesia recorded the highest encounter rates in the region.

In this form of attack, cyber-criminals use malware to mine cryptocurrency coins on the computers of unsuspecting victims.

“This approach allows (cyber-criminals) to leverage the processing power of hundreds of thousands of computers. Even when a minor infection is discovered, the anonymous nature of cryptocurrency complicates efforts to track down the responsible parties,” Microsoft said in a statement on Friday (March 22).

Part of the reason for this growing trend is that unlike ransomware, cryptocurrency mining does not require user input. Because mining happens in the background while the user is performing other tasks, users are less likely to be aware of the threat or take any action to remove it.

Another driver of the trend is how easily available off-the-shelf products for covert mining are, Microsoft said.

“The barrier to entry is low because of the wide availability of coin mining software, which cybercriminals repackage as malware to deliver to unsuspecting users’ computers,” it added.

The weaponised miners are then distributed to victims using many of the same techniques that attackers use to deliver other threats, such as social engineering, exploits, and drive-by downloads.

But cryptocurrency mining is not the only threat that is more prevalent in Apac. According to Microsoft’s 24th Security Intelligence Report (SIR), other than cryptocurrency mining, there were also higher instances of three other types of cyber-threats – malware, ransomware and drive-by downloads – detected here.

The annual study includes insights from 15 markets in the Asia Pacific, namely: Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, New Zealand, Philippines, Singapore, South Korea, Sri Lanka, Taiwan, Thailand and Vietnam.

More malware encounters in developing markets

Among the threats studied by Microsoft was malware, which can lead to many disastrous scenarios including data loss, intellectual property theft, monetary loss and more.

While the global malware encounter rate decreased by 34 per cent in 2018, the rate in the Apac region was 37 per cent higher than the global average, Microsoft said.

In particular, the developing markets of Indonesia, Philippines and Vietnam had the highest malware encounter rates in the region.

According to Microsoft, malware exposure is caused by poor cybersecurity hygiene and low user security awareness.

This can come in the form of using pirated or unpatched software, and visiting potentially dangerous websites such as file-sharing sites.

In Apac, the lowest malware encounter rates were recorded in Japan, Australia and New Zealand.

“These locations tend to have mature cybersecurity infrastructures and well-established programs for protecting critical infrastructure and communicating with their citizens about basic cybersecurity best practices,” Microsoft said.

Ransomware still a threat

The study also found that while ransomware encounters have decreased by 73 per cent globally, they are still a threat in the Apac region.

In fact, the encounter rate of ransomware here was 40 per cent higher than the global average in 2018. The countries with the most ransomware encounters were Indonesia, Vietnam and India.

Despite the global fall in ransomware attacks – partly due to increased user diligence – the severity of these attacks has not declined, Microsoft cautioned. It added that these attacks could lead to the crippling of critical services such as hospitals, transportation, and traffic systems.

Drive-by download pages

Another threat that was more prevalent in the region was drive-by downloads, which Microsoft said occurred around 22 per cent more often in Apac than in the rest of the world.

A drive-by download is an unintentional download of malicious code to an unsuspecting user’s computer when they visit a web site, even if the user doesn’t download anything. The malicious code could be used to exploit vulnerabilities in web browsers, browser add-ons, applications, and the operating system.

More advanced drive-by download campaigns can also install ransomware or even cryptocurrency mining software on a victim machine.

In 2018, the highest concentration of drive-by download pages was in Taiwan, Malaysia and Indonesia, Microsoft said.


“Undoubtedly, cybersecurity is one of the most pressing issues for organisations today. As cyber-attacks continue to increase in frequency and sophistication, understanding prevalent cyber-threats and how to limit their impact has become an imperative,” said Eric Lam, director of Microsoft Asia’s cybersecurity solutions group.

Lam added that a holistic strategy that includes prevention, detection and response is needed to prevent cyber attacks as well as strengthen trust in technology.

“Measures such as preventive controls as well as the adoption of cloud and artificial intelligence to augment security operations will play a vital role in building organisational resilience and facilitating meaningful risk reduction within their organisation,” he said.