How do you detect coinminers?

kmuland

We are living in 2025 on planet Earth (not faeryland).
Guys releasing software for free are really, really, really few... and today it's a problem trying to find new software and be sure that it is free of miners.
I used to get portables of every software... but today I can't trust anyone who releases a commercial software portable "just for free", and just as easy as "click" "download" "unrar". Everyone wants to become rich mining cryptocurrencies nowadays.

Of course, using an AV, Malwarebytes or similar toys is for kids (the evil greedy guys are not idiots, of course, and they check against these tools).
I bet that many 3D gamers are not aware of the problem... powerful GPUs/CPUs, dozens of fans making noise constantly... for me it would be hard on these machines to detect the presence of that malware.

So my question is:
What are you using nowadays to detect miners running on your computers when idle?

Nokiamies

It depends on the coinminer. If it is jabbajavascript based on some website, you can tell if it tried to get too much CPU time. The best you can do is block JS by default with something like eMatrix, disable WASM and try to avoid untrusted sites that try to force JS on.

As for programs, there is no 100% working way, as it is a mix of things. First of all, I would have something like Process Hacker 2 for monitoring full network traffic. Then use something else to monitor GPU idle usage, like HWMonitor. If GPU usage keeps cranking up high while idle, that is usually a sign of some process utilizing it. For network, you need to understand what are normal and what are not normal connections, and I can't really explain it properly, but you can detect if some program that should not make requests keeps making them constantly to some odd IP address. It might also be telemetry or other spyware activity.
Hoot Hoot!
(Too bad Finnish saying "Ei Pöllömpi allekirjoitus" (not too owl signature, which can also mean not too bad signature) does not translate too well to English. Well that shall do it)
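
The two signals described in the reply above (GPU load that stays high while the machine is idle, and a program that keeps connecting to an address outside its normal set) can be combined in a small check; this is an added example, not code from either poster. It assumes per-process samples have already been collected by hand or by a monitoring tool into tuples; the process names, addresses, thresholds and the `flag_suspects` function are all constructed for illustration.

```python
from collections import defaultdict

# Constructed samples, one per minute: (process, gpu_percent, user_idle, remote_ip).
# Process names and addresses (RFC 5737 documentation ranges) are made up.
SAMPLES = (
    [("game.exe", 98, False, "198.51.100.7")] * 8       # heavy GPU, but user is playing
    + [("updater.exe", 1, True, "192.0.2.10")] * 6      # talks only to its known server
    + [("thumbs.exe", 90, True, None)] * 2              # short idle spike, no network
    + [("freetool.exe", 95, True, "203.0.113.50")] * 6  # busy GPU while idle, odd address
)

# What "normal" looks like on this machine: addresses each program is expected to use.
BASELINE = {"game.exe": {"198.51.100.7"}, "updater.exe": {"192.0.2.10"}}


def flag_suspects(samples, baseline, gpu_threshold=70, min_idle_hits=5, min_repeats=5):
    """Return {process: [reasons]} for processes matching either heuristic."""
    idle_hits = defaultdict(int)                      # high-GPU samples taken while idle
    unknown = defaultdict(lambda: defaultdict(int))   # process -> unexpected ip -> count
    for proc, gpu, user_idle, remote in samples:
        if user_idle and gpu >= gpu_threshold:
            idle_hits[proc] += 1
        if remote and remote not in baseline.get(proc, set()):
            unknown[proc][remote] += 1

    findings = {}
    for proc in sorted(set(idle_hits) | set(unknown)):
        reasons = []
        if idle_hits[proc] >= min_idle_hits:
            reasons.append("sustained GPU load while idle")
        for ip, count in sorted(unknown[proc].items()):
            if count >= min_repeats:
                reasons.append(f"repeated connections to {ip}")
        if reasons:
            findings[proc] = reasons
    return findings


if __name__ == "__main__":
    for proc, reasons in flag_suspects(SAMPLES, BASELINE).items():
        print(proc, "->", "; ".join(reasons))
```

A hit is only a reason to look closer at that process: as the reply notes, repeated connections can also be telemetry, and the baseline has to come from knowing what is normal on the machine in question.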
