Cryptocurrency and Cryptojacking Make a Dangerous Pair
With the rise in popularity of cryptocurrencies (electronic money) and their increasing acceptance as a legitimate way to purchase goods and services online, it didn’t take long for cryptojackers or cryptohackers to begin devising schemes to mine cryptocurrency at others’ expense, and the trend is not slowing down anytime soon.
So, what is cryptojacking and how can you defend against it? Find out what you need to know here.
What is Cryptojacking?
Cryptojacking is an emerging online threat with the main purpose of stealing or “mining” cryptocurrencies, forms of online money, from users’ mobile or online devices without their consent or knowledge. However, cryptojacking does not have a single malicious purpose – there are multiple reasons and methods behind this kind of digital attack.
How Do Cryptocurrencies Work?
The first thing to know about cryptocurrency is that it does not work the same as regular currency. Cryptocurrencies are forms of digital money that exist only in the online world, with no actual physical form.
The second thing to know is that cryptocurrency is decentralized. This means that unlike credit and debit, it’s controlled solely by anonymous users and computer algorithms as opposed to a central bank or government. Units of cryptocurrency, known as “coins,” are nothing more than entries or records of transactions in multiple databases existing simultaneously across a network of millions of computers that don’t belong to any one person, location, or organization.
Because there is no government oversight or central regulator of cryptocurrency, in order to handle the millions of records and serious risks, a distributed ledger exists – the most common form being a blockchain. In a blockchain, every transaction is heavily encrypted, timestamped, and added to a “block” of transactions. When a certain number of transactions have been assembled, that block is added to a chain of blocks – i.e., a blockchain.
Blockchains are meant to help protect against counterfeiting and safeguard transactions. Essentially, the blockchain is a ledger or chain of information that retains a detailed history of each digital transaction, which helps to ensure that people cannot double spend their digital money.
In a cryptocurrency blockchain, each of the blocks in the chain stores details and data about a transaction, such as the receiver, sender, and number of coins involved. The blockchain is open for anyone to access, but once a block is added it can’t be modified without affecting the entire chain.
The Role Cryptomining Plays
In a blockchain, before a transaction can be added, it must be authenticated – this is where cryptomining comes in. Every time a new transaction takes place it must be validated by a cryptominer. However, because digital currency is heavily encrypted, the verification process takes up a lot of time and computing power. Because of this, cryptominers are paid for their efforts through a token of digital currency – typically just a few dollars per transaction.
Transactions, however, can take hours to validate properly on a regular computer, so it’s not an easy feat to make a sizeable amount of money. There’s also competition from other cryptominers to consider, which puts a premium on verification efficiency. More than one miner can work on a transaction at a time – but only the fastest miner earns the digital reward. The best way to validate transactions faster: more processing power.
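The chaining and mining described in the last two sections can be shown in a few lines. This is an added example, not code from the original page: it assumes a Bitcoin-style proof of work (find a nonce so the block's SHA-256 hash starts with a set number of zeros), which the page does not name, and the transactions are constructed. It shows why changing one recorded transaction breaks verification and why mining speed depends on processing power.

```python
import copy
import hashlib
import json

DIFFICULTY = 4        # assumed toy target: hash must start with 4 zero hex digits
GENESIS = "0" * 64    # placeholder "previous hash" for the first block

def block_hash(block):
    """SHA-256 over the block's canonical JSON encoding."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def mine(prev_hash, transactions, difficulty=DIFFICULTY):
    """Brute-force a nonce until the block hash meets the target.
    Returns (block, attempts); attempts is the work the miner had to spend."""
    block = {"prev": prev_hash, "tx": transactions, "nonce": 0}
    while not block_hash(block).startswith("0" * difficulty):
        block["nonce"] += 1
    return block, block["nonce"] + 1

def build_chain(batches, difficulty=DIFFICULTY):
    """Mine one block per batch of transactions, each linked to the previous one."""
    chain, prev = [], GENESIS
    for txs in batches:
        block, _ = mine(prev, txs, difficulty)
        chain.append(block)
        prev = block_hash(block)
    return chain

def first_invalid(chain, difficulty=DIFFICULTY):
    """Index of the first block that fails verification, or None if all pass."""
    prev = GENESIS
    for i, block in enumerate(chain):
        digest = block_hash(block)
        if block["prev"] != prev or not digest.startswith("0" * difficulty):
            return i
        prev = digest
    return None

# Constructed sample transactions (sender, receiver, number of coins).
BATCHES = [
    [{"from": "alice", "to": "bob", "coins": 5}],
    [{"from": "bob", "to": "carol", "coins": 2}],
    [{"from": "carol", "to": "dave", "coins": 1}],
]

if __name__ == "__main__":
    chain = build_chain(BATCHES)
    print("untampered chain, first bad block:", first_invalid(chain))
    forged = copy.deepcopy(chain)
    forged[1]["tx"][0]["coins"] = 200   # rewrite a recorded transaction
    print("tampered chain, first bad block:", first_invalid(forged))
```

Each extra zero digit in the target multiplies the expected number of hash attempts by 16, which is why miners (and cryptojackers) want as much processing power as they can get.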
How Does Cryptojacking Work? – Part One
When it comes to cryptojacking, the more power the better for cryptominers. Cryptominers who are driven by a high earning incentive, and by the need for processing power to achieve it, are serious offenders when it comes to cryptojacking. Even a system, device, or organization that does not use cryptocurrency is still a prime target for cryptojackers.
This is because when they can get their cryptomining malware to infect a perfectly good, or better yet, powerful computer system, it will eat into it like a parasite. Cryptominers will then suck the processing power out of any device they can to use it to mine for cryptocurrency, increasing their profits by allowing them to mine more transactions faster. This takes a couple of dollars and turns it into a huge payday. The only cost? It is borne by the user's device, which will become increasingly slow and most likely fail altogether.
How Does Cryptojacking Work? – Part Two
Cryptojacking is also the act of cybercriminals hacking into business and/or personal computers, laptops, and mobile devices to install or infect them with software to do their bidding. The software works by using a computer’s power and resources to mine for cryptocurrencies or steal the digital wallets of unsuspecting victims. The code is easy to deploy, runs in the background, and is difficult to detect apart from a few minor red flags.
One of the main ways cryptojackers work to enslave devices is through traditional malware techniques, such as a link or attachment in an email. Once a link is clicked or an attachment is opened, the device is thereby infected with the cryptomining code and the cryptojacker will begin working around the clock to mine cryptocurrency while staying hidden in the background.
An alternate cryptomining approach is a browser-based attack known as drive-by cryptomining. Similar to malicious advertising exploits, the scheme involves embedding a piece of JavaScript code into a web page. If the page is visited, the code activates and performs cryptocurrency mining on any user devices that visit the web page. Nothing is stored on a device, but the mining will take place as long as the browser is open.
One last way cryptojackers can get access to cryptocurrency is through cloud cryptojacking. This form of cryptojacking involves hijacking cloud resources to mine for cryptocurrency. When hackers use cloud cryptojacking, they search through an organization’s files and code for API keys to access their cloud services. Once access is gained, hackers can siphon unlimited CPU resources for cryptomining. It’s currently the fastest-growing cybersecurity threat to the enterprise, and by using this method hackers can significantly accelerate their cryptojacking efforts to illegally mine for currency.
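Because cloud cryptojacking starts from API keys left in files and code, a defender can check their own repository for them before anything is committed or published. The scanner below is an added example, not part of the original page: the two rules and the entropy cut-off are illustrative assumptions, the file contents are constructed, and the AWS key shown is the placeholder value from AWS documentation.

```python
import math
import re

# Assumed, illustrative rule set; real scanners ship many more patterns.
RULES = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "generic_secret_assignment": re.compile(
        r"(?i)\b(?:api[_-]?key|secret|token)\b\s*[:=]\s*['\"]([^'\"\s]{16,})['\"]"
    ),
}

def shannon_entropy(value):
    """Bits per character; random keys score high, placeholders score low."""
    counts = {c: value.count(c) for c in set(value)}
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

def scan(files, min_entropy=3.5):
    """Return (path, line number, rule) per finding. The secret itself is
    deliberately left out of the result so reports do not leak it again."""
    findings = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            for rule, pattern in RULES.items():
                for match in pattern.finditer(line):
                    value = match.group(1) if match.groups() else match.group(0)
                    # Generic assignments are noisy: keep only random-looking values.
                    if rule.startswith("generic") and shannon_entropy(value) < min_entropy:
                        continue
                    findings.append((path, lineno, rule))
    return findings

# Constructed sample repository contents.
SAMPLE_FILES = {
    "deploy/config.py": (
        "REGION = 'us-east-1'\n"
        "AWS_ACCESS_KEY_ID = \"AKIAIOSFODNN7EXAMPLE\"\n"
    ),
    "app/settings.py": (
        "DEBUG = False\n"
        "api_key = \"changemechangemechangeme\"\n"   # low-entropy placeholder
        "token = \"q7Zp2LxV9sKd4TfW8hJm3RbN\"\n"     # random-looking value
    ),
}

if __name__ == "__main__":
    for path, lineno, rule in scan(SAMPLE_FILES):
        print(f"{path}:{lineno}: possible credential ({rule})")
```

Any key a scan like this turns up in committed code should be treated as exposed and rotated, not just deleted from the file.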
How Can You Defend Yourself Against Cryptojacking?
While cryptojacking is still relatively new, attacks are becoming more commonplace – and if you are a victim of cryptojacking, you may not even notice since most cryptojacking software is designed to stay hidden. The trick is to prevent this exploit from happening in the first place and to pay attention to the red flags if they’re noticeable.
Red flags to keep an eye on include slower computer response times, increased processor usage, overheating devices, and higher electricity bills. If your PC or Mac is slowing down, is using its cooling fan far more than normal, or your electricity bill has skyrocketed, you may have a reason to suspect cryptojacking.
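The processor-usage red flag is easier to act on when it separates a miner working around the clock from a short, legitimate burst of load. The following is an added example, not from the original page: the thresholds, process names, and per-minute samples are constructed assumptions, and in practice the samples would come from whatever monitoring agent is already in place.

```python
from collections import defaultdict

def sustained_cpu(samples, threshold=80.0, min_run=10):
    """samples: iterable of (minute, pid, name, cpu_percent).
    Returns {(pid, name): longest_run} for processes that stayed at or above
    `threshold` for at least `min_run` consecutive one-minute samples."""
    by_proc = defaultdict(list)
    for minute, pid, name, cpu in sorted(samples):
        by_proc[(pid, name)].append((minute, cpu))

    flagged = {}
    for proc, series in by_proc.items():
        longest = run = 0
        prev_minute = None
        for minute, cpu in series:
            contiguous = prev_minute is not None and minute == prev_minute + 1
            if cpu >= threshold:
                # Extend the run only if no sample is missing in between.
                run = run + 1 if contiguous and run else 1
            else:
                run = 0
            longest = max(longest, run)
            prev_minute = minute
        if longest >= min_run:
            flagged[proc] = longest
    return flagged

# Constructed samples: 30 minutes of per-process CPU readings.
SAMPLES = (
    # Hypothetical background process pinned near 100% the whole time.
    [(m, 4312, "updater-helper", 95.0) for m in range(30)]
    # A four-minute build: high load, but short-lived.
    + [(m, 2001, "compiler", 100.0 if 5 <= m < 9 else 5.0) for m in range(30)]
    # Ordinary interactive use.
    + [(m, 1500, "browser", 25.0) for m in range(30)]
)

if __name__ == "__main__":
    for (pid, name), run in sustained_cpu(SAMPLES).items():
        print(f"pid {pid} ({name}): {run} consecutive minutes above threshold")
```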
To prevent an attack from happening, administrators need to take action by using advanced intrusion prevention systems like next-gen firewalls, antivirus, and anti-malware software from the get-go. Additionally, arming yourself with a VPN is a key defense mechanism against cryptojackers and other kinds of digital threats. VPNs encrypt internet connections and hide IP addresses, keeping you and/or your organization safer and anonymous in the online world.
If a network is compromised, steps should be taken to conduct a root-cause analysis that identifies how the malware was installed so that repeat attacks can be prevented. Make the threat of cryptojacking a part of your cybersecurity plan or awareness training, focusing on phishing with fake links and/or attachments. For web browsers, try installing an ad-blocker with cryptomining detection capabilities like Adblock Plus or an anti-cryptomining extension like minerBlock.