Cryptocurrency Miner Detection

Detect cryptojacking - unauthorized use of a computer to mine cryptocurrency

This RocketApp provides MSPs the ability to detect crypto miners on managed customer endpoints. Miners pose critical threats to small-medium business networks and when detected, they are probable indicators of further malicious activity in that customer environment.

Cryptojacking occurs when a miner client is downloaded to a system or by visiting a website with an embedded javascript miner. While the impact of stealing computing power is causing a rise in electricity bills, bandwidth consumption and the slow down of computer resources, it has become a new vehicle for attackers to deliver ransomware, malware and creation of backdoors. When crypto miners are detected, you have the option of sending alerts to your PSA, receiving email notifications and/or generating white labeled reports.

OS Support:
Windows Workstation 7, 8, 8.1, 10

Windows Server 2008, 2012, 2016

Card image cap

Monitors for Cryptojacking, the unauthorized use of a computer to mine cryptocurrency. Detects for endpoint presence and in-browser javascript miners.

Presenting Crypto Mining Data

Demonstrate evidence that SMBs just get

It’s critical you choose the best method for presenting data to your customers. The good news is that MSPs don’t need a PhD in algebra to demonstrate cryptojacking concerns that have historically been invisible to small businesses.

Data visualization of cryptocurrency mining data with RocketCyber refers to showcasing data, numbers, tables and charts. When it comes time for your security discussion, you’ll now have an engaging conversation with evidence of activity that draws conclusions for the SMB owner with informative decisions. Don’t let cryptojacking theft go undetected – extend cryptocurrency miner monitoring to SMBs.

Created with Highcharts 10.3.3Total detections by crypto / hostCryptocurrency Miner DetectionsClick the columns to view detected hosts.222211117755442288CoinhiveCryptolootXMRigCGMinerBitminterEasyMinerOther0510152025Cryptocurrency MinersOther: 8

This table represents a sample overview of suspicious miners detected.

Host name Date/Time Miner Process IP Source
BAUSTIN 10/16/18 10:57:35PM Coinhive coinhive.exe 46.148.22.x
DANIEL 02/16/19 11:27:35AM Cryptoloot crypta.js 89.234.157.x
CBANZHOF 12/24/18 09:00:14PM XMRig xmrig.exe 195.154.250.x
ANGELINA 03/16/18 02:17:39PM CGMiner cgminer.exe 58.62.55.x
SHAKIRA 04/22/19 10:03:14PM Cryptonight notepad.exe 213.251.182.x

Get Advanced Threat Protection today with RocketCyber.

Gain visibility into Endpoint, Network and Cloud attack pillars.