Here’s everything you need to know about cryptojacking, how to detect an attack, and how you can keep yourself safe.
The term “this is a digital world” is more accurate now in 2020 than ever before. Businesses and individuals are conducting most if not all their financial transactions online, including shopping and banking. Cryptocurrencies fit right into these digital transactions, acting as a virtual currency that is made secure through cryptography.
With the popularity of cryptocurrencies, we’ve seen the emergence of cryptojacking, the unauthorized use of computing power to mine these currencies. But just how serious a threat is cryptojacking?
What Is Cryptojacking?
While Bitcoin, which is capped at 21 million in total, is the most well known of all cryptocurrencies, there are currently over 2,995 other currencies available.
Cryptojacking attacks allow hackers to use the computing power of unsuspecting victims so they can mine cryptocurrencies such as Bitcoin and Ethereum. After hacking into both business and personal computers and other devices to install malware and malicious code, the processing power of the device is used to run a cryptomining script in the background. Once mined, the currency ends up in the digital wallet of the hacker.
Difficult to detect and of little risk to hackers, cryptojacking is on the rise as cybercriminals continuously come up with new ways to steal computer resources so they can mine for cryptocurrency.
How Cryptojacking Works
Image source. varonis
Cryptojackers use a few methods to infect computing devices and mine for currencies. Being aware of these methods can lead to early detection of cryptojacking on your computer:
The classic method for cybercriminals to install malicious code on your computer is through an email attack. To build trust, the email often looks as though it’s coming from a company the user recognizes and is familiar with, such as a banking institution. Sending an email that contains an attachment or link that looks legitimate, hackers are counting on you to click on the link and download the cryptomining code.
Cryptojacking via Websites
Another way that hackers can run cryptomining code on your computer without your knowledge is by writing a script and embedding it on websites. The script is embedded into ads and WordPress plugins that haven’t been recently updated. When you visit the compromised website and click on the ad or the plugin, the cryptojacking script starts to run in the background of the computer or device.
More and more businesses are using cloud platforms and services, making the cloud the obvious next target for hackers. By hacking into cloud services, hackers can use huge amounts of computer resources, which results in a drastic cost increase to cloud account users without knowing why. To gain access, cybercriminals hack into your computer network and look through code and files for API keys with cloud access.
The Steps of Cryptojacking
After using one of these three methods of infecting computing devices with cryptomining script, Cryptojacking works quickly and silently in the background of your computer. Here’s how:
- “Threat actors,” or cryptojackers, place cryptomining code in an email, on websites, or gain access to cloud services.
- Unsuspecting users click on links, download attachments, or click on an infected ad on a website.
- The cryptomining script is executed and starts working in the background without the knowledge of the user.
- Computing resources are used to solve complex mining calculations and algorithms to mine for blocks, adding these new blocks to the blockchain, the technology behind cryptocurrency.
- With little risk of detection, as they add a new block to the chain, cryptojackers receive cryptocurrency in their own digital wallet.
Detecting Cryptojacking Attacks
If undetected, a cryptojacking attack is damaging to both business and personal computers, slowing down performance and resulting in rising electricity costs as more processing power is used. Once your network has been compromised it can be difficult to determine which device is under threat. This is why it’s important that you and your IT team know how to detect Cryptojacking.
Here’s how you can detect a cryptojacking attack on your computer or device:
Be aware of any decrease in computing performance
Cryptomining code can cause a drop in your computer’s performance, slowing down even basic functions. Be aware of devices that are running slowly or any lags in execution.
Be alert for overheating devices
Keep an eye out for overheating computers, laptops, and tablets. Cryptomining scripts use up a lot of computing resources, which can cause devices to work harder and overheat. This can lead to hardware failure and repairs and an increase in your IT budget.
Check for increased levels of CPU usage
Monitor your computer for any abnormal CPU (central processing unit) usage. If you notice that there’s an increase in usage when you’re visiting websites that don’t have a lot of media content, it may be a sign that cryptojacking is happening. To monitor, use the Task Manager on your PC or Activity Monitor on Mac computers.
Check for coding changes on your websites
Monitor your own websites to check for any changes to files or webpages. Cryptojackers are looking for vulnerable websites where they can embed cryptomining code.
Scan regularly for malware
Make sure your security software is up to date and regularly scan for malware. Learning early that your system has been breached can help you plan quickly and stop cryptojacking from happening on your computer and other devices.
Get the latest information on cryptojacking
Information about cryptojacking is continuously being updated as cybercriminals come up with new mining scripts and methods of infecting your computer. Stay abreast of the latest trends and threats by relying on reliable sources such as CryptoSlate and CoinDesk.
5 Ways to Prevent Cryptojacking
Detecting if and when cryptojacking is happening on your computer is just a start – there are some things you can do to prevent malicious mining script from running on your computer. Use these preventative tips to protect your business and personal computing devices:
1. Security training
Ensure that your IT team knows what cryptojacking is and how to detect it early. Be on the lookout for the different attack methods and know what to do when there’s a threat.
2. Educate your employees
As well as training your IT team, your employees need to be educated about proper security guidelines and regulations. Make sure they understand what cryptojacking is and how it can harm your entire network. When training, be clear about the risks of opening emails from unknown senders and clicking on links and attachments.
3. Employ browser extensions
Many browsers include extensions that can stop cryptomining from happening. Browser extensions such as minerBlock and No Coin will monitor for any suspicious activity and block cryptojacking attacks.
4. Install ad-blockers
Website ads are at risk and can be embedded with cryptomining scripts. Many ad-blockers can filter and block these scripts from running on computer browsers.
Protection from cryptojacking attacks begins with awareness, detection, and prevention. Use the guidelines here to keep your computer and other devices safe from unauthorized cryptojacking — see the full cryptojacking guide here, courtesy of Varonis. For more protection, ensure that your cybersecurity plan is up to date from all types of cyber threats.