Cloudpassage Halo policy for detecting Bitcoin miners CPUMiner and CUDAMiner
Switch branches/tags
Nothing to show
Clone or download
Pull request Compare This branch is 4 commits ahead of ashmastaflash:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

#Detect Bitcoin miners CPUMiner and CUDAMiner

Version: 1.0
Author: Ash Wilson - @ashmastaflash

This is a simple policy for detecting the presence of two Bitcoin mining programs, CPUMiner and CUDAMiner. The CPUMiner check demonstrates a process existence check and the CUDAMiner check looks for the existence of a binary in the filesystem.

##List of Files

  • minerdetection.policy.json -- The policy file for uploading into the CloudPassage Portal
  • -- You're looking at it.
  • LICENSE.txt

##Requirements and Dependencies

  • A CloudPassage Halo account (Pro or Enterprise level subscription)
  • This policy is focused on securing Linux operating systems


  1. Download the minerdetection.policy.json file to your workstation
  2. Log into
  3. Mouse over "Policies" and select "Configuration Policies"
  4. Click on "Import Policy" and select the minerdetection.policy.json file you downloaded in step 1.

##Usage ###Assign the policy to your server groups:

  1. Select Servers
  2. For each Server Group you wish to apply this policy to, select "Edit Details" and select this policy under "Configuration"
  3. The configuration check will automatically run for all hosts within the Server Groups you have the policy assigned to at the regular interval.