Everything About Cryptojacking
Cryptojacking is an increasingly widespread form of malware that hides on your device and steals your computer's resources to mine online currencies such as bitcoin.
Cryptojacking (also known as malicious cryptocurrency mining) is a threat that hides inside a computer, server, or mobile device and uses the machine's resources to "mine" various forms of digital currency known as cryptocurrencies. It is a threat that can take over a system and use its available resources to generate income for an attacker.
Like most malicious attacks, the motive is profit, but unlike other threats, it is designed to remain completely hidden from the user. To understand how this threat works and how to protect yourself against it, let's start with some background.
What Are Cryptocurrencies?
Cryptocurrencies are a type of digital money with no physical form. They were created as an alternative to traditional money and gained popularity for their growth potential and anonymity. One of the first and most successful forms of cryptocurrency is bitcoin, which emerged in 2009. In December 2017, the value of a single bitcoin reached its all-time high of nearly $20,000 USD, then fell below $10,000 USD. Bitcoin's success inspired the creation of other cryptocurrencies that operate in much the same way. Before a decade had passed since its invention, people around the world were using cryptocurrencies to buy and sell things or make investments.
The word "cryptocurrency" comes from the combination of two terms: "cryptography" and "currency." It is defined as electronic money based on the principles of complex mathematical encryption. All cryptocurrencies exist as decentralized, encrypted monetary units that can be freely transferred between network participants. In other words, a cryptocurrency is electricity converted into lines of code that have monetary value.
"Cryptocurrency units (called 'coins') are nothing more than entries in a database."
Unlike traditional currencies, cryptocurrencies like bitcoin are not backed by a specific government or bank. No central government or regulator oversees cryptocurrency. It is decentralized and managed across multiple duplicated databases simultaneously on a network of millions of computers that belong to no single person or organization. Moreover, the cryptocurrency database functions as a digital ledger.
The anonymous and decentralized nature of cryptocurrencies means that no regulatory body decides how much currency should be put into circulation. Instead, the way most cryptocurrencies enter circulation is through a process called "mining." This mining process essentially consists of converting computing resources into cryptocurrency coins.
Today, those who are serious about cryptocurrency mining invest a great deal of money to compete with other mining programs to be the first to solve the puzzle and claim their reward. Keeping up with this effort is a very costly arms race, requiring massive processing power and a great deal of electrical energy to increase the chances of profitable mining. For example, before China shut down the country's cryptocurrency farms, some monthly electricity bills reached $80,000 USD.
What Is Cryptojacking?
Cryptojacking (or malicious cryptocurrency mining) is defined as the undetected use of someone else's computing device to mine digital currencies. It is the compromise of a computer, smartphone, or network of machines — not to access data, but to mine cryptocurrencies by hijacking others' resources.
If you are a victim of cryptojacking, you may not realize it. Most cryptojacking software is designed to remain hidden from the user, but this does not mean it goes unnoticed. This theft of your computing resources slows down other processes, increases your electricity bill, and shortens the device's lifespan. Depending on how subtle the attack is, certain warning signs may be observed. If your PC or Mac slows down or the fan runs more frequently than usual, you have reason to suspect cryptojacking.
The motivation behind cryptojacking is simple: money. Cryptocurrency mining can be very lucrative, but achieving profitability is nearly impossible without the means to cover large costs. For someone with limited resources and questionable ethics, cryptojacking is an affordable and effective way to mine valuable coins.
How It Can Infect Your Device
There are several ways cryptojacking can end up on your devices, but the most common are:
1. Malware
At any time — when receiving an email, installing an application, or activating hidden software — a cybercriminal can install malware on your device that takes control of it, spikes CPU usage, and begins mining cryptocurrency without your knowledge.
2. Websites and Browsers
This is an increasingly common practice: some websites, without notifying their users, offer your internet connection for mining purposes — a form of fraud against people whose computers are being put to work for a third party. Through the browser, they use your bandwidth and device to generate new coins.
Associated Risks
The greatest danger of cryptojacking is not only that it reaches personal home computers, but that it ends up spreading to machines across your entire organization, causing various types of harm:
Resource Consumption
The company will end up experiencing a tremendous increase in its energy bill, as cryptojacking will squeeze every machine and make use of it whenever possible.
Technical Problems
Ordinary computers are not designed to operate while mining cryptocurrencies. If cryptojacking infects a device, it will create problems for the company through lost productivity and additional expenses, since technical support is required or, in some cases, the computer must be replaced.
Corporate Cybersecurity
Data theft may not be among the top priorities of cryptojacking authors, but having this type of cybercriminal gain access to your company's computers represents a serious breach in corporate cybersecurity.
How Can I Protect Myself Against Cryptojacking?
Whether you have suffered a cryptojacking attack locally on your system or through the browser, it can be difficult to manually detect the intrusion after the fact. Similarly, tracing the source of CPU usage can be complex. Processes may hide or disguise themselves as legitimate ones to prevent the user from stopping the abuse. Another advantage for cryptojackers is that when your computer is running at full capacity, security software will execute very slowly and will therefore be harder to use to resolve the problem. As with precautions against malware, it is far better to put security in place before becoming a victim.
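Because a miner can disguise its process name, detection has to key on behaviour: CPU use that stays high for a long stretch instead of coming in short bursts. The following Python example is added here for illustration and is not from the original article or from any product it names; the sample counters, process names, and thresholds are constructed assumptions.

```python
from collections import defaultdict

def make_series(pid, name, cpu_seconds, step=10):
    """Build (timestamp, pid, name, cumulative CPU seconds) samples taken every `step` s."""
    return [(i * step, pid, name, c) for i, c in enumerate(cpu_seconds)]

# Constructed samples, shaped like cumulative counters read from a task manager export.
SAMPLES = (make_series(101, "browser", [0, 9, 10, 11, 20, 21])          # short bursts
           + make_series(202, "updater", [0, 9.5, 19, 28.6, 38, 47.5])  # pinned CPU, harmless-looking name
           + make_series(303, "backup", [0, 1, 2, 3, 4, 5]))            # light steady load

def cpu_share(samples, cores=1):
    """Return {pid: (name, [share per interval])}, share = CPU time / wall time / cores."""
    by_pid = defaultdict(list)
    for ts, pid, name, cpu_s in sorted(samples):
        by_pid[pid].append((ts, name, cpu_s))
    shares = {}
    for pid, rows in by_pid.items():
        series = []
        for (t0, _, c0), (t1, _, c1) in zip(rows, rows[1:]):
            if t1 <= t0:
                continue  # duplicate timestamp, no interval to measure
            # A counter that goes backwards means the pid was reused: count it as idle
            # so the streak of busy intervals is broken.
            series.append((c1 - c0) / ((t1 - t0) * cores) if c1 >= c0 else 0.0)
        shares[pid] = (rows[-1][1], series)
    return shares

def sustained_hogs(samples, threshold=0.8, min_intervals=4, cores=1):
    """Flag processes at or above `threshold` for `min_intervals` consecutive intervals."""
    flagged = []
    for pid, (name, series) in cpu_share(samples, cores).items():
        run = best = 0
        for share in series:
            run = run + 1 if share >= threshold else 0
            best = max(best, run)
        if best >= min_intervals:
            flagged.append((pid, name, best))
    return sorted(flagged)

if __name__ == "__main__":
    for pid, name, intervals in sustained_hogs(SAMPLES):
        print(f"pid {pid} ({name}): high CPU for {intervals} consecutive intervals")
```

The bursty browser and the light backup job stay below the streak requirement; only the process that holds the CPU for the whole window is reported, whatever it is called.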
One obvious option is to block JavaScript in the browser you use to browse the web. While this disrupts incidental cryptojacking, it could also block features you enjoy and need. There are specialized programs, such as "No Coin" and "MinerBlock," that block mining activity in the most common browsers. Both have extensions for Chrome, Firefox, and Opera. The latest versions of Opera even have No Coin built in.
However, our suggestion is to avoid purpose-built solutions and instead look for a more comprehensive computer security program. An EDR, for example, protects you from more than just cryptojacking. It also prevents malware, ransomware, and various internet threats. Whether attackers try to use malware, attempt a drive-by download through the browser, or deploy a trojan, you are protected against cryptojacking.
In a constantly evolving threat landscape, staying safe from the latest dangers, such as cryptojacking, is a full-time job. With a proper EDR solution such as CrowdStrike you will have the means to detect and clean up any type of intrusion and ensure that only you are using your device's resources.
Source: Malwarebytes, Panda Security, CrowdStrike
