Cryptomining activity and mitigation

Hello All,

I am seeing lots of cryptomining activity from a single user machine (Windows 10). ZIA detects it and blocks the URL sync.minepi.com:443; however, when I check the user machine I don't see any issues, and AV is not detecting any issues on users' machines.

Can you please help me with what else I should check / consider on the user machine to check for the suspicious activity?

salman

Hello Salman

sync.minepi.com is indeed blocked, as we have a Security Alert for it under: Cryptomining.

The Pi coin is technically not live (it’s in beta) AND it’s key to note that there is no active mining like Bitcoin or Ethereum. The end user clicks a button, and coins will accumulate over some time. That’s why you won’t see any resource increase from an end-user/machine perspective. Of course this is Pi coin specific.

Your best bet is to continue blocking the Cryptomining category within ZIA.

Many Thanks,
Seb

Hello Seb,

Thank you very much for the detailed information. Yes, I don't see any activity or issues with the end user machine; however, I am getting many security alerts from ZIA for specific end users.
We tried a scan and checked the installed software; we found a program related to PI Networks, which we uninstalled from the user machine. Let's see further.

ZIA is already blocking the communication; however, I wanted to see how I can clean the end user machine.

thanks once again.

Hi, thank you for your answer. Could you please be more specific about the app you found related to PI Networks that you uninstalled? I really appreciate your help…
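
One way to run the endpoint checks discussed in this thread, as an added example that is not part of any post above: a PowerShell triage pass over installed programs, the DNS cache, running processes and autostart entries on the Windows 10 machine. The match pattern `Pi Network|minepi` is an assumption, since the thread does not name the program that was removed; adjust it to whatever the software inventory shows.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell session
# on the machine that triggers the ZIA alerts for sync.minepi.com.
$Domain  = 'minepi.com'              # parent domain of the host ZIA blocks
$Pattern = '\bPi Network|minepi'     # ASSUMED name pattern; the thread names no product

# 1. Installed programs: machine-wide (64/32-bit) and current-user uninstall keys.
#    HKCU only covers the account running the script, so repeat as the affected user.
$keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
'--- Installed programs ---'
Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match $Pattern -or $_.Publisher -match $Pattern } |
    Select-Object DisplayName, Publisher, InstallLocation, UninstallString |
    Format-List

# 2. DNS client cache: shows whether this host recently looked up the domain.
'--- DNS cache entries ---'
Get-DnsClientCache -ErrorAction SilentlyContinue |
    Where-Object { $_.Entry -like "*$Domain" } |
    Select-Object Entry, Data, TimeToLive |
    Format-Table -AutoSize

# 3. Running processes whose image path or command line matches the pattern.
'--- Running processes ---'
Get-CimInstance Win32_Process |
    Where-Object { $_.ExecutablePath -match $Pattern -or $_.CommandLine -match $Pattern } |
    Select-Object ProcessId, Name, ExecutablePath, CommandLine |
    Format-List

# 4. Autostart entries (Run keys and Startup folders) that would relaunch it.
'--- Startup commands ---'
Get-CimInstance Win32_StartupCommand |
    Where-Object { $_.Name -match $Pattern -or $_.Command -match $Pattern } |
    Select-Object Name, Command, Location, User |
    Format-List

# 5. Scheduled tasks whose action points at a matching executable or argument.
'--- Scheduled tasks ---'
Get-ScheduledTask |
    Where-Object { ($_.Actions | ForEach-Object { "$($_.Execute) $($_.Arguments)" }) -match $Pattern } |
    Select-Object TaskName, TaskPath, State |
    Format-Table -AutoSize
```

An empty result in every section while ZIA alerts continue suggests the requests come from something this pattern does not cover, such as a browser tab or a differently named program, so correlate the alert timestamps in ZIA with what the user had open.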