While the general news has become flooded with crypto updates, the crypto industry is brimming with cryptojacking, and it often takes over the headlines. So, what is cryptojacking? Simply, it’s the hijacking of cryptocurrencies. It means that if you are mining a cryptocurrency, then the coin miners that you have installed could be used by others without your consent.
How is that possible?
Cryptojacking is basically the mining of cryptocurrency via an unauthorised access to someone else’s system.
Either the hackers send email to the victims, making them enter a malicious link that loads crypto mining codes on the system, or infect a website or online ad through JavaScript code that automatically executes after being loaded in the victim’s browser. And the crypto mining codes run in the background unsuspected while the victim uses the system normally but might notice lags in execution and slower performance.
Hackers consider cryptojacking safer and more profitable than ransomware. Here’s a statement made by Alex Vaystikh, CTO and co-founder of SecBI, “The hacker might make the same as three ransomware payments, but crypto mining continuously generates money.” With ransomware, a hacker might get three people to pay for every 100 computers infected, he explains. With cryptojacking, all 100 of those infected machines work for the hacker to mine cryptocurrency.
More money for less risk is the reason why cryptojacking is becoming more and more popular with hackers. Moreover, the risk of being identified and caught is much less as compared to the threat with ransomware.
Cryptojacking takes a different approach, harnessing victims’ machines to “mine”: perform the computations necessary to update cryptocurrencies’ blockchains, creating new tokens and generating fees in the process. These new tokens and fees are deposited to wallets owned by the attacker, while the costs of mining – electricity and wear and tear to computers – are borne by the victim.
Well, however onerous it might be, but it’s not impossible. Such unauthorized deviation of a system’s resources to mine cryptocurrencies can occur because of infectious software or virus containing browser systems.
What harm does cryptojacking do to a system?
The amount of electricity used by a computer depends on what it’s doing. Being a very processor-intensive – activity, mining requires more power. Thus draining a laptop’s battery while mining, like when it’s displaying a 4K video or handling a 3D rendering.
Similarly, a desktop computer will draw more power from where it is plugged in, both to power the processor and run fans in order to prevent overheating of the machine. Even if the cooling is done properly, the increased heat might still damage the hardware and slow down the computer.
Not only individuals whose computers are hijacked for cryptocurrency mining are harmed, but also universities, companies and other large organisations. A large number of cryptojacked machines across an institution can consume substantial amounts of electricity and damage large numbers of computers.
Chris Olson, CEO of The Media Trust, an information security firm shares-“In most cases, devices are surreptitiously infected via compromised website code- advertising or third-party content — that executes JavaScript to either call to another resource or drop an exploit kit.”
It’s essential to protect yourself from these malware practices as they can significantly reduce the speed of your system or increase the fan speed. Even if you don’t notice a problem with your system, your electricity bill could shoot up.
Although a cybercrime, cryptojacking has not been regulated yet, given the young age of the industry itself. We are, of course, careful with our browsing and clicks, but cryptojackers are usually one step ahead. They target favourite websites that are trusted well and cater to a vast audience base.
Within a few clicks on such an infected website, the malware patch could hijack your browser and get embedded in your system. In doing so, it saves hackers the cost of owning hundreds of processors to run a mining rig.
Cryptojackers normally target popular websites which attract audiences numbering in the millions every day. They embed the malware patch on a website to infect the web browsers of the audience while slowing down their machines.
The working of Cryptojacking
Hackers, primarily use two ways to secretly mine cryptocurrencies through victim’s computer. Tricking victims into loading cryptomining code onto their computers is one of the roads. Phishing-like tactics are performed whereby the victim receives a legitimate looking email. That very email directs the victim to a link which runs code to place cryptomining script on the computer. The script then runs in the background anonymously, as the victim works normally.
The other method is via delivering ads on different websites or injecting a script which automatically executes once the victim visits the website.
However, unlike most other types of malware, cryptojacking scripts do not damage the victim’s computers or data. But they do steal CPU processing resources. For individual users, slower computer performance might be just an inconvenience. An organisation with many cryptojacked systems can incur real costs concerning help desk and IT time spent on resolving performance issues and replacing components or systems anticipating to solve the problem.
How to prevent Cryptojacking Attack?
Here’s how you can protect your system from being attacked by cryptojacking
- Anti crypto mining extensions– NoCoin, an extension that can be installed across several web browsers, including Chrome, Firefox, and Opera helps by prohibiting mining. It provides protection against the most traded crypto coins- Bitcoin, Ethereum, Ripple and the likes. It’s an open source tool, with the code available on Github. Other extensions that serve the same purpose are MinerBlock and Malwarebytes.
- Endpoint protection– Many of the anti-virus software providers have added a crypto-specific feature in their package. Any endpoint protection that’s capable of detecting crypto viruses can prove to be a vital tool in your security kit.
- Block from all systems– You might discover an infected website and block it from the system you are currently working on. However, it’s critical to block it across all your networks or operators. Also, share the same with other crypto community members.
Coinhive is known to have created a script that could mine on others’ systems without their consent. And, in June 2018, McAfee, the antivirus provider found that around 30,000 websites ran Coinhive, as compared to 2,500 in November 2017. Such a jump in numbers clearly indicates the gravity of the situation.
- Incorporating the cryptojacking threat into your security awareness training, focusing on phishing-type attempts to load scripts onto users’ computers. Since phishing will continue to be the primary method to deliver malware, training the computers will help protect even when technical solutions might fail.
- Installing an ad blocker to prevent the auto-execution of scripts that are delivered via websites can be an effective means as well. Some ad blockers are designed to detect and block cryptomining scripts like Ad Blocker Plus, No Coin and MinerBlock, etc.
Some of the tools to prevent cryptojacking are –
- NoCoin
NoCoin is an extension that can be placed on web browsers like Google Chrome, Mozilla Firefox, and Opera. In addition to Coinhive, this open source tool provides security against other mining software mining for bitcoin, ethereum, and ripple. Furthermore, it also allows users to turn off protection for certain websites. This provision gives users the authority to willfully trade their processing power for the services offered by a particular website.
- MinerBlock
MinerBlock is another anti-mining browser extension that can block cryptojacking attempts by software patches on websites. It maintains a blacklist of compromised websites, and lets users manually add to this list. Fortunately, this extension can block, as well as defuse attacks that have previously breached a system’s firewall.
- MalwareBytes
MalwareBytes is a software package that acts as a defence against a wide variety of malware, and hackers trying to breach private networks. It is an enterprise software which has versions for both personal and professional use. Moreover, it enables users to remove particular domains or IP addresses from its block list.
While these tools are not entirely infallible, they provide the first line of defence against potential security breaches.
- Keeping web filtering tools up to date. When you identify a web page that is delivering cryptojacking scripts to your system, make sure that other users are blocked from reaccessing it.
- Maintain browser extensions. Some attackers are using malicious browser extensions or poisoning legitimate extensions to execute crypto mining scripts.
- Use mobile device management (MDM) solution to control better what’s on user’s devices. Although mobile devices tend to have less processing power which makes the less lucrative for hackers, but an MDM solution can help manage apps and extensions on user’s devices.