Cryptocurrency Detection
Cryptocurrency Detection Intelligence
The following page provides information on the Cryptocurrency Detection indicator drivers included in Netify's Intelligence engine.
Overview
Effectively managing cryptocurrency applications and protocols is essential for maintaining a secure network, as it prevents the unauthorized exploitation of hardware resources and eliminates the hidden shadow IT channels that attackers use for ransomware coordination and data exfiltration.
Other Intelligence Info
Intelligence OverviewIntelligence Catalog
Intelligence Categories
Intelligence Release Log
| Score | Description |
|---|---|
| 0 | Informational |
| 1-25 | Low Risk |
| 26-50 | Medium Risk |
| 51-75 | High Risk |
| 76-100 | Critical Risk |
Indicator Drivers
Cryptocurrency Application Driver
The Crypto Application indicator driver focuses on the application layer, identifying traffic associated with popular cryptocurrency exchanges and services such as Binance, Coinbase, and Dogecoin.
| Tag | Default Score |
|---|---|
| crypto_application | 35 - Medium Risk |
Cryptocurrency Protocol Driver
The Crypto Protocol indicator driver is designed to capture the underlying "language" of mining, specifically targeting specialized protocols like Ethereum and and Bitcoin.
| Tag | Default Score |
|---|---|
| crypto_protocol | 70 - High Risk |
Cryptocurrency Server Driver
The Crypto Server indicator driver acts as a real-time reputation engine, utilizing live data feeds of known mining pool IPs, command-and-control (C2) servers, and dynamic seed nodes. Because the cryptocurrency landscape shifts daily, this driver continuously updates the Netify engine with the latest intelligence data.
| Tag | Default Score |
|---|---|
| crypto_server | 70 - High Risk |