System, device, and method of detecting cryptocurrency mining activity
US11089049B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 24, 2018 |
| Grant date | Aug 10, 2021 |
| Priority date | — |
| Expiry date | Mar 13, 2040 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/144
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system monitors network activity of an end-user device that communicates with servers over a communications network. The performs analysis of packets of data that are transported via the network. The system detects a first set of communications in which a first server infects the end-user device with a cryptocurrency mining malware; a second set of communications, in which a second server activates the end-user device as an activated cryptocurrency mining bot; and a third set of communications, in which the second server allocates a cryptocurrency mining task to the end-user device and later receives a cryptocurrency mining output from the end-user device. The system determines that the first server is a malicious infecting web-server; that the second server is a malicious Command and Control server of a distributed bot-net of cryptocurrency mining bots; and that the end-user device is an infected and activated and operational cryptocurrency mining bot.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.