Skip to Main Content
Yes, your device can be hit with a cryptominer

Yes, your device can be hit with a cryptominer

There might be real reasons for complaining why your computer is not working correctly – it could be children, a cryptominer, or both.

“You need to do something about my computer,” said the wife. “It’s horribly slow. Yesterday it wouldn’t even shut down correctly. I bet there is some sort of virus on it or the kids have done something to it.”

She was at least partially right – the device was painfully slow at starting up. It was almost slow enough to get a coffee between pressing the power button and getting down to business – but not quite. So I gave her computer a brief look-over. Actually, I let the antivirus take a look, starting with a complete scan when I knew the wife would not be wanting to use her computer for a few hours. And then moved on to something else while the scan progressively wound its way through the hard drives.

Yes, your device can be hit with a cryptominer - in-post

Much to my surprise, about 107 minutes into the scan, something did pop up: PUA/CryptoMiner was detected in the “kids” user folder.

Yes, your device can be hit with a cryptominer - in-post

The suspect file was quickly moved into the safe quarantine area. Hmm, it looked like one child was doing something other than his online math and grammar homework. Yes, wife was correct – there was something not quite right on the computer and yes, something technical and something child-related was responsible for it.

What is a PUA CryptoMiner?

From the file path (C:\Users\k…Default\Cache\f_002ba9) this looks like it was a cryptominer JavaScript which was loaded via an infected website. “As a technical point, this doesn’t count as a device infection, since the mining stops when you close the infected website, and the remaining file is just cached, not active,” pointed out Mihai Grigorescu, virus analyst at Avira. He added that PUA/CryptoMiner.Gen is a generic detection, so there are a lot of different malware detected by this name.

There are two important words here – Cryptominer and PUA. As a cryptominer, this uses your device’s extra computing capacity to do the blockchain calculations needed to generate cryptocurrencies (for someone else). Second, it is considered a PUA or Potentially Unwanted App because it is not directly malicious.

Yes, your device can be hit with a cryptominer - in-post

Will this damage my device?

Probably not, but it will damage your mood … As cryptominers increase CPU use, they do increase energy use and potentially can shorten the lifespan of the CPU unit. But, the real cost is your time. Just think of the time spent waiting for the device to start-up, slower operation of simple things like spreadsheets, and those long periods of shutting down – that’s where the real cost is.

However, a PUA app may bring more unpleasantness to your life. PUA apps are known to bring in a host of other PUA apps and dubious advertisements. There is a risk that this app will upset your usual user online experience.

Do regular administration, but don’t run as the admin

As my child has demonstrated, it is important to do regular scans of your device. In addition, rooting out malware is easier when you – or your children — are not using the device as the admin. By running as a separate user, with fewer privileges than the admin, you make it a bit more difficult for malware and annoying cryptocurrency apps to infiltrate your device.

This post is also available in: FrenchItalian

As a PR Consultant and journalist, Frink has covered IT security issues for a number of security software firms, as well as provided reviews and insight on the beer and automotive industries (but usually not at the same time). Otherwise, he's known for making a great bowl of popcorn and extraordinary messes in a kitchen.