“Cryptojacking has surpassed ransomware as one of the biggest cybersecurity threats, but this is often overlooked.”
Along with the concept of cryptocurrency came the concept of mining: the extraction of cryptocurrency through computational operations. With the advent of mining, however, another term appeared that few people know about: cryptojacking.
What is cryptojacking
During the boom in cryptocurrencies, miners built powerful machines and ran them around the clock. Discrete graphics cards traditionally sold to gamers and 3D designers rose in value, and entire server farms were assembled for the sole purpose of mining cryptocurrencies. Then, when the crash hit in 2018, people learned that the value of the cryptocurrencies their machines could mine was not enough to pay for the electricity the farm was using.
A recent study by Kaspersky examined the power consumption of cryptocurrency and its impact on the environment. By some estimates, the total amount of energy consumed by bitcoin miners around the world is comparable to the total energy consumption of the Czech Republic, a country of over 10 million people.
Less “noble” cryptocurrency miners soon found the perfect solution: use someone else’s computer to do the work and leave its owner to pay the bill. Cryptojacking was born. Using many of the same tactics used to spread ransomware, attackers are now infecting millions of computers across thousands of networks with malware that mines digital currencies and sends funds directly to their anonymous digital wallets.
To do this, criminals tend to rely on social engineering tactics to trick victims into downloading malicious code onto their computers and wider networks. Another method, which requires a little more technical knowledge, is to inject malicious scripts into a vulnerable website or application, which then delivers them to the multitude of computers that access it. The hacker then makes huge profits in cryptocurrency from mining across the network at someone else’s expense.
Cryptojacking scripts are now widely available on dark web sites in the form of “malware”. This trend allows almost anyone to participate, regardless of technical skill. Worst of all, cryptojacking doesn’t require any downloads, and the scripts run silently, so they can run for a long time without being detected. The most popular cryptocurrencies for this are lesser-known ones like Monero and Zcash, because they make it harder to track illegal activity than the much more common bitcoin.
While it is true that malicious mining is far less destructive than ransomware and many other cyber threats, that doesn’t mean it should be taken lightly. Cryptojacking attacks can lead to direct and indirect business losses. After all, the victims are the ones who pay for all the computing power used. In addition to a significant increase in electricity consumption, mining increases equipment wear, because processor cores, including those of discrete video cards, work overtime to mine cryptocurrency dishonestly.
These direct costs are compounded by the fact that cryptojacking attacks often go unnoticed for many months, and it is often difficult to determine their true cost. A recent study by Kaspersky found that after two consecutive days of cryptocurrency mining by malicious mobile mining software, the batteries of the infected devices began to overheat and even warped the phones.
All these wasted resources also reduce the speed and efficiency of the available compute workloads. Most of us have faced the unpleasant situation of a computer “freezing” because a program was using all available resources. While there are many legitimate causes for this, such as automatic updates or resource-intensive background tasks, malicious mining can be one of the reasons for your gadget’s slow performance.
If you have cryptojacking malware (malware that secretly mines on your device), it can cause serious performance issues that will immediately affect your users and then your customers (if you run a business). If, for example, you are in the medical business, staff will not be able to quickly and reliably access critical patient health information.
At first glance, this may seem like a simple hack, but the cybercriminals who carry out such attacks may pose a greater risk than mere parasites. Like ransomware, cryptojacking itself can be used as a decoy to divert attention from even more serious attacks. Other attacks could be combined with fake antivirus software that bombards victims with advertisements claiming that they must pay to clean their devices, an alarming mixture of malicious mining and ransomware. At first glance, the attacks may look financially motivated, but the real end goal may be to use the malware to overload infected systems and cause physical damage.
Examples of cryptojacking
Here are a few examples of cryptojacking:
- In March 2018, it was discovered that cryptojacking attackers were targeting GitHub users. They forked random GitHub projects and hid malware in the directory structure. The software was downloaded onto the systems of victims who were lured by phishing ads.
- May 2018 witnessed the infamous Mass Miner campaign created by the Panda group. This group is known for using the Monero cryptocurrency. The malware was found to spread to other local hosts after the target was compromised.
- The Bangladesh Embassy website was hacked for crypto mining in February 2019. Malicious Word documents were circulated and special software was embedded in visitors’ systems.
- In June 2019, an attack was carried out targeting Linux servers to spread the Golang malware. A hacked Chinese e-commerce site was used to host the malware.
How you can protect yourself from cryptojacking
First, you need to detect this type of threat. You don’t even need to know what crypto mining is to notice problems with your device.
Most antivirus programs detect malware right at its entry point. If you are not using such a program, there are several signs to watch for:
- Slow response time
- High CPU load
- Fast battery discharge
- Increased fan noise
If you are experiencing any (or all) of these symptoms, running an anti-malware check is a good next step.
You can also use Opera’s Cryptojacking test to see if your device is secure.
After that, you can move on to the browser.
If a cybercriminal tampers with a website’s scripts, it is up to the site’s owners to find it. However, there is a way to find out on your own.
- If your computer slows down while browsing, open Task Manager (Windows) or Activity Monitor (Mac).
- From there, see if your browser is using too much CPU. If so, leave the site and see if that changes.
- If you have multiple tabs open, check which one uses the most system resources. (In Chrome, you can do this through the built-in task manager.)
How to prevent a cryptojacking attack
As Benjamin Franklin said: “An ounce of prevention is worth a pound of cure.”
The best way to keep yourself safe from cryptojacking and other malware is to have up-to-date antivirus software.
Here are the ways that users can protect themselves to avoid falling victim to an attack:
Watch for jumps in CPU (central processing unit) usage
A sudden spike in CPU usage or longer web page load times may indicate a crypto mining attack.
In many cases, the malware only uses the computer’s unused processor power, reducing the risk that the user realizes the machine is infected and removes the malware. However, it is not uncommon for cryptomining scripts to slow down your computer, especially on low-power devices. Sometimes malware can put such a heavy load on the processor that it overheats severely enough to physically damage the computer’s hardware.
Use antivirus protection
Antivirus protection can detect and prevent malware infection on your system. Many antivirus software vendors have added crypto miner detection to their products.
OS vendors also release security patches. Combined with antivirus software, these should put your security above average. Keep both up to date: there were over 903 million pieces of malware in 2019, and more emerge every day.
Analyze your resources
Malware scanners are another way to detect unauthorized scripts running on your computer. But even they do not give a 100% guarantee of protection. Many cryptomining scripts are complex enough these days to avoid detection by typical malware scanners. Signs that the computer is working harder than usual are the best indicator of such problems.
All operating systems have a tool similar to System Monitor that shows the resources the computer is consuming at any moment. Keep an eye on it to make sure there is no unusual activity.
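The CPU-watching advice in the two sections above can be automated. The following is an added example, not part of the original article: it flags processes that stay near full load for a long time while ignoring short legitimate bursts such as updates. The process names, the 80% threshold and the 10-minute window are assumptions, and the readings are constructed sample data.

```python
from collections import defaultdict

def constructed_samples():
    """Constructed data: one (seconds, process, CPU %) reading per minute."""
    samples = []
    for minute in range(30):
        ts = minute * 60
        # Browser: busy for three minutes while a heavy page loads.
        samples.append((ts, "browser", 95.0 if 5 <= minute < 8 else 6.0))
        # Updater: a legitimate five-minute burst.
        samples.append((ts, "updater", 90.0 if 10 <= minute < 15 else 1.0))
        # Hypothetical unknown process: constant load with one brief dip.
        samples.append((ts, "unknown-helper", 40.0 if minute == 12 else 97.0))
    return samples

def sustained_cpu(samples, threshold=80.0, min_seconds=600, max_dips=1):
    """Map process -> longest run (seconds) at or above `threshold`,
    keeping only runs of at least `min_seconds`. Up to `max_dips`
    consecutive low readings inside a run are tolerated, because a
    miner may throttle briefly to avoid being noticed."""
    by_proc = defaultdict(list)
    for ts, name, cpu in samples:
        by_proc[name].append((ts, cpu))

    flagged = {}
    for name, readings in by_proc.items():
        readings.sort()
        start = None      # timestamp where the current high-load run began
        dips = 0          # consecutive low readings seen inside the run
        longest = 0
        for ts, cpu in readings:
            if cpu >= threshold:
                if start is None:
                    start = ts
                dips = 0
                longest = max(longest, ts - start)
            elif start is not None:
                dips += 1
                if dips > max_dips:   # load really dropped: the run is over
                    start, dips = None, 0
        if longest >= min_seconds:
            flagged[name] = longest
    return flagged

if __name__ == "__main__":
    for proc, seconds in sustained_cpu(constructed_samples()).items():
        print(f"{proc}: at or above 80% CPU for {seconds // 60} minutes")
```

A flagged process is only a candidate for inspection: long renders, backups or compiles produce the same pattern.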
Be careful with your browser
If you suspect that such scripts are infiltrating websites, install browser plugins to block those websites. Since cryptojacking scripts are often delivered via web ads, installing an ad blocker can be an effective means of stopping them. Some ad blockers, like Adblock Plus, can detect crypto mining scripts. Laliberte recommends extensions such as No Coin and MinerBlock, which are designed to detect and block crypto mining scripts.
Malware downloads by email
Since phishing emails are one of the most common ways that cybercriminals get cryptomining software onto computers, one of the best ways to prevent cryptojacking is to keep your email safe.
Ideally, you should never click on an email link unless you are 100% sure you can trust it. Instead, go directly to the source the link points to. For example, if an email claims to come from your bank, enter your bank’s URL in the address bar instead of clicking the link in the email.
Use a VPN while browsing
Use a VPN, one of the free (yes, sometimes forbidden) services. It is also a good defense against security threats. Most of them have top-notch security.
VPNs encrypt all your traffic, preventing hackers from injecting malware such as cryptojackers into your system when you are connected to public Wi-Fi.
You can also check the websites you use on Whoisminning.
Last but not least, basic knowledge of online security is a must. Don’t click on spam emails or browse suspicious websites.
Now that you know what cryptojacking is, you can protect yourself.
Ignorance is an easy way for cybercriminals to make money. However, unlike ransomware, these attacks do not take away your data. Instead, they steal some of your device’s processing power.
If we think of ransomware as a violent criminal, then cryptojacking is more of a silent thief.
So, follow the advice in the sections above, and chances are you will never come across this type of malware. Think about it: cryptojacking is like a cold. It doesn’t do much damage, but it still makes you weak.
However, life is much better without it.