You have just bought a shiny new device but after only weeks of using it, it slows down to a crawl. It overheats to the point where you can barely hold it in your lap, and you have to recharge it three times a day. One of the possible reasons is that someone might have enrolled your precious device into a crypto-mining zombie army. But unfortunately, they are not going to share their profits with you. They just use your device as a tool for a cryptojacking attack.
What is cryptocurrency
Before talking about the actual attack, we must first tell you about the concept of cryptocurrency. As you may know, cryptocurrency is a digital currency that has no physical form and can be used to buy goods online or even exchanged for real money. Cryptominers use electricity and computer power to turn the lines of complex codes into these monetary units. Cryptocurrencies have no central regulating authority, and their encrypted nature can guarantee anonymity for their users. Basically, you can use them without any official bodies seeing what you do with them.
Cryptocurrencies have experienced a recent bubble, with their values skyrocketing in a few years. One of the reasons for this is the principle of blockchain technology allowing only a limited number of units to be mined. This means that the mining competition is getting more intense, and mining requires more and more electricity. So it is no wonder that hackers invented a way to exploit other devices to cash in from the cryptocurrency boom.
What is cryptojacking
Cyptojacking is using someone else’s computer or smartphone to mine cryptocurrency without their consent. There are two ways cybercriminals can enslave your device. One is by using phishing tactics: a user receives a phishing email, clicks on a link, and gets a cryptomining script on their device. It starts running in the background, and they might not notice it for a long time. The device then sends a digital token to the hacker’s wallet, and the user is left with increased CPU usage and electricity bills due to the mining costs.
Why cybercriminals use cryptojacking
There are a few reasons why this attack is popular:
The value of cryptocurrency keeps increasing, and its mining requires more and more resources. Thus, using other devices is cheaper than setting up your own mining farm;
Due to the anonymous nature and no regulation behind such currencies, it is quite difficult to trace the hackers;
It is a bit of a grey area in terms of a cybercrime definition and less risky than ransomware or other types of extortion attacks. In this case, cybercriminals do not do any real damage to you, like stealing your data or leaking your credentials. They just use your computing power for their gains. So, there is slightly less of a chance of them being traced and caught.
Coinminer is an example of rogue cryptojacking malware that kills all other cryptomining processes. It poses as a fake Flash player update, which hackers prompt you to click by using social engineering techniques.
How to detect cryptojacking
These are the main symptoms of cryptojacking:
Your CPU energy usage has increased significantly without any identifiable cause;
Your device constantly overheats;
Your device has started to work way slower than before.
How to prevent cryptojacking
To prevent cryptojacking, you should consider the following pieces of advice:
Do not open suspicious websites and never click on suspicious links or ads. Also, learn about phishing techniques and how to detect them;
Keep your security software up to date;
Use anti-cryptojacking extensions, which block cryptomining activities on the browser level. Just make sure you use safe and reliable ones
Cryptojacking is a relatively new form of attack, so we recommend following the news and regularly updating your knowledge on the subject.