Loading...

What is cryptojacking?

An introduction to cryptojacking, how it works, how to avoid, detect and fight it

All you need to know about cryptojacking, the latest threat to cybersecurity…

Apr 07, 2020    By Team YoungWonks *

In a world increasingly dependent on technology, it is perhaps not surprising that today we see many problems unique to and rampant in the tech world. Data security, for instance, is constantly under threat. In the cryptocurrency world then, cryptojacking is one of the key problems. In this blog, we shall take a look at what the term cryptojacking entails, how it is a danger and how we can protect ourselves from it. 

 

Cryptocurrency, cryptography and blockchain

At the outset, let’s look at what the term cryptocurrency means. Cryptocurrency refers to a digital asset that functions as a medium of exchange. It is a form of digital cash that derives its name from the fact that relies heavily on the use of cryptography or cryptology, which is the study of techniques used for secure communication in the presence of third parties.

So the financial transactions with these cryptocurrencies are in fact secured and verified by network nodes through cryptography and recorded in a public distributed ledger called a blockchain. Essentially, a blockchain is a growing list of records, called blocks, that are connected to each other using cryptography. Thus, even the creation of additional units (or blocks) of cryptocurrencies is controlled through the use of cryptography. This process of verifying transactions of cryptocurrency and adding them to the blockchain digital ledger is called cryptocurrency mining, or cryptomining.

Cryptocurrencies use decentralized control instead of centralized digital currency and central banking systems. Released as an open-source software in 2009, Bitcoin is considered the first decentralized cryptocurrency. 

If you wish to learn and understand more about the related concepts of cryptography and blockchain, you can read our blogs here: https://www.youngwonks.com/blog/Public-Key-and-Private-Key-Encryption-Explained and https://www.youngwonks.com/blog/What-is-Blockchain-Technology 

 

What is cryptojacking?

Cryptojacking refers to the unauthorized use of people’s devices - computers, smartphones, tablets, or servers - to mine cryptocurrency. In other words, a person’s computer is secretly or illegally used to mine cryptocurrency without the person’s consent or knowledge. Hackers basically use cryptojacking to steal computing resources from victims’ devices, so they do not have to build a dedicated cryptomining computer. 

What also makes cryptojacking quite hazardous is not just the illegal use of a person’s device but also the fact that often the user may not realize this right away or at all. Most cryptojacking software is built to stay hidden from the user. But at the same time, the theft of computing resources does begin to adversely affect the user in other ways as well. For example, it slows down other processes, increases one’s electricity bills and shortens the life of your device. So if one’s PC or Mac is slowing down or uses its cooling fan more than the usual amount, one may be a victim of cryptojacking. 

 

How cryptojacking works 

Cryptojackers are known to employ several ways of misusing a person’s computer for the purpose of cryptomining. One method is a lot like classic malware, where the hacker gets a user to click on a malicious link in an email and it loads cryptomining code directly onto the person’s computer. Once the computer (or device) is infected, the cryptojacker mines cryptocurrency but without the knowledge of the user. 

Another cryptojacking approach is called drive-by cryptomining. Here a website or an online ad is infected with JavaScript code that runs automatically once loaded in the victim’s browser. So the code basically mines cryptocurrency on the devices of the users visiting the said website or ad.

 

How prevalent is cryptojacking

Cryptojacking is relatively new and yet it is catching on. A 2017 article in Fortune magazine even calls cryptojacking “the next big cybersecurity threat”; subsequent reports in recent years have also cited a considerable rise in the instances of cryptojacking. 

One of the main reasons behind this is how inexpensive it is to carry it out, combined with the fact that the returns in comparison are often rather high. Indeed, the idea behind cryptojacking is simple - it’s akin to looting someone’s money in a cost-effective way. For a lot of hackers, cryptojacking is a cheaper, more profitable option to ransomware. With ransomware, a hacker typically ends up getting only a few people to pay up, whereas with cryptojacking, each infected computer is now a tool for the hacker to mine cryptocurrency. 

Some other famous examples include the incident where critical infrastructure security firm Radiflow declared how it had detected cryptocurrency mining malware in the operational technology network (which does monitoring and control) of a European water utility firm. The same year (2018) also saw a news report about a bunch of Russian scientists who allegedly used a supercomputer at their research and nuclear warhead facility to mine Bitcoin.

 

How to fight cryptojacking

How do you react to a cryptojacking attack? If it’s an in-browser JavaScript attack, kill the browser tab running the script. Make note of the website URL hosting the script and update the company’s web filters to block it. 

Now if an extension has infected the browser, closing the tab is not the answer. Instead, it is advisable to update all the extensions and remove those not required or those that are infected.

 

Safety against cryptojacking 

As mentioned earlier, often victims of cryptojacking do not realize so until after their devices have been misused to mine the cryptocurrency. This means that detection - especially manual - is often a big problem with cryptojacking. Even so, watch out for high CPU usage and check what’s causing it - is it being done in your browser or if your computer is infected. By using Windows Taskmanager, or Process Explorer or Mac OS’s Activity Monitor, one can look for the reason why your computer’s resources are being used up. 

Similarly, tracing back to the origin of the high CPU usage can be quite tricky too. It is likely that the hacker is hiding under the ruse of something legitimate. Moreover, when such an infected computer functions at maximum capacity, it will most likely become very slow, and thus that it will be that much more difficult  to troubleshoot. 

Not surprisingly then, prevention is way better than cure and one can prevent cryptojacking by installing security software. Another alternative is to block JavaScript in the browser one is using; this will help fight attempts at drive-by cryptojacking. The downside, however, is that this can also block the user from using other functions that he / she may like and/ or need. One can also turn to specialized programs like No Coin and MinerBlock, which are aimed at blocking mining of cryptocurrencies in leading browsers. It is also advised that users regularly monitor their websites for file changes on the web servers or changes to the pages.

Those in a corporate setup or with higher budgets can even afford to opt for an elaborate cybersecurity program - preferably one where the endpoint protection can detect known crypto miners - as opposed to just a purpose-built solution. 

Businesses are in a better position to detect cryptojacking than individuals using their personal computers since the former can usually deploy network monitoring solutions and also because most consumer end-point solutions do not detect cryptojacking.  

Some other steps one can take include keeping one’s web filtering tools up to date. That way, if one notices that a web page has cryptojacking scripts, one can alert other users in the organization against accessing it. Maintaining browser extensions is also a good bet, even though it is being said that some hackers are using malicious browser extensions or infecting legitimate extensions to disseminate cryptomining scripts. 

Last but not the least, it is always a good idea to read up and stay updated with the latest in the field as this is known to keep users in good stead. 

 

Sources:

https://fortune.com/2017/10/23/bitcoin-monero-cryptocurrency-mining-security-threat/

https://www.wired.com/story/cryptojacking-critical-infrastructure/

https://www.bbc.com/news/world-europe-43003740

 

*Contributors: Written by Vidya Prabhu; Lead image by: Leonel Cruz

This blog is presented to you by YoungWonks. The leading coding program for kids and teens.

YoungWonks offers instructor led one-on-one online classes and in-person classes with 4:1 student teacher ratio.

Sign up for a free trial class by filling out the form below:

By clicking the "Submit" button above, you agree to the privacy policy
help