Cryptocurrency Detection
This page provides information on the Cryptocurrency Detection in Netify's Network Intelligence Engine. To learn more about our full suite of intelligence drivers, see our intelligence capabilities page.
Risk Overview
Effectively managing cryptocurrency applications and protocols is essential for maintaining a secure network, as it prevents the unauthorized exploitation of hardware resources and eliminates the hidden shadow IT channels that attackers use for ransomware coordination and data exfiltration.
Indicator Drivers
Cryptocurrency Application Driver
The Crypto Application indicator driver focuses on the application layer, identifying traffic associated with popular cryptocurrency exchanges and services such as Binance, Coinbase, and Dogecoin.
- Tag
- crypto_application
- Score
- Medium Risk - 35
- Version
- 1.2.0
Cryptocurrency Protocol Driver
The Crypto Protocol indicator driver is designed to capture the underlying "language" of mining, specifically targeting specialized protocols like Ethereum and Bitcoin.
- Tag
- crypto_protocol
- Score
- High Risk - 70
- Version
- 1.2.0
Cryptocurrency Server Driver
The Crypto Server indicator driver acts as a real-time reputation engine, utilizing live data feeds of known mining pool IPs, command-and-control (C2) servers, and dynamic seed nodes. Because the cryptocurrency landscape shifts daily, this driver continuously updates the Netify engine with the latest intelligence data.
- Tag
- crypto_server
- Score
- High Risk - 70
- Version
- 1.2.0