Crypto’s bull run early this year has resulted in increased cryptojacking incidents. Here’s a lowdown on what the term means, and how you can protect your devices against it.
In the last couple of years, cryptocurrency has grown in leaps and bounds. It all began when Satoshi Nakamoto (a pseudonym) first created Bitcoin in 2009. A little over a decade later, today, there are over 4,000 cryptocurrencies in existence.
While cryptocurrencies have significantly changed the finance world, they come with many cons. And it’s not just the environmental cost of crypto mining. Crypto’s bull run early this year has attracted many cybercriminals to the industry. According to a recent report by security firm Kaspersky, incidents of cryptojacking have soared in the first quarter of 2021.
Lately, the crypto space has also given rise to a new scam – cryptojacking.
What is cryptojacking?
In order to verify transactions on the blockchain and make new crypto coins, individuals have to solve complex mathematical algorithms or puzzles—a process known as mining. Individuals require powerful systems to verify transactions and add a new block on the blockchain.
Large mining farms in countries such as China have dedicated computer rigs to mine crypto. As the process involves powerful systems, it also takes up massive amounts of electricity. This is why, “cryptojackers,” who wish to mine crypto without incurring costs of mining hardware or exuberant electricity bills, hack into other devices.
Cryptojacking is a type of scam in which hackers use someone else’s device without their knowledge to mine cryptocurrency. The hackers install malware—often called miners—on a computer or mobile device. They then use the device’s energy to mine crypto in the background, while the unsuspecting victim uses their device.
Compared to other types of malware attacks, cryptojacking is harder to detect. It doesn’t damage a user’s device or data. It can, however, cause decreased performance, and overheat the devices.
Moreover, once detected, it is hard to trace the malware to the source, and hackers prefer mining cryptocurrencies like Monero and Zcash. These are harder to trace compared to more popular ones like Bitcoin.
How does cryptojacking affect devices?
Cryptojacking can be done in a couple of ways.
First, hackers can infect a website or an online ad with JavaScript code through a hacking process called ‘drive-by.’ When users visit the website, the script auto-executes on their browser. This type of hacking only affects the browser. Every time the victim uses their browser, the code runs in the background, and mines crypto.
Sometimes, even closing a browser is not sufficient to prevent the script from running. Often, hackers use a simple trick to create a hidden pop-up window that fits under the taskbar. As this window goes undetected, the mining continues unhindered.
In 2018, over 60 million Android users were infected by a miner coded into ads. Users who encountered these pop-up ads were redirected to malicious websites. During this time, the malware would mine crypto using the device’s computing power. The attack usually goes undetected as the process remains silent.
The second means to hack a device is by sending emails with malicious links. When a user clicks the link, it automatically runs the crypto mining code and adds the script on the device. This method infects the entire device and the code runs in the background whenever the victim uses their device.
In both cases, once a browser or device is infected, the code uses up the CPU’s power to perform complex calculations. The data is simultaneously sent to a server controlled by the hacker.
Often, hackers can also use both hacking vectors to “maximize their return.” For instance, if a hacker uses 50 different devices to mine crypto, half of them could be using code on their systems installed through malicious emails. Meanwhile, the remaining half could be mining through an infected browser.
Preventing cryptojacking
As cryptojacking largely goes undetected, it is important to take measures to prevent an attack and minimize the impact on your device.
Install ad-blockers and browser extensions: Installing ad-blockers can detect and block any infected ads, thereby automatically preventing malicious code from running on your device. Similarly, anti-crypto-mining extensions on web browsers can also prevent cryptojacking scripts from running on your browser. MinerBlock, No Coin, and Anti Miner are some examples of browser extensions.
Scan for malware: Use cybersecurity software to regularly scan for malware on your system. Such security software can detect any cryptojacking malware on your system and protect your device.
Avoid opening suspicious links in emails: It is important to be cautious about the emails you receive, especially those that come with a link. Double-check the authenticity of the sender before you click any links on a suspicious email.
Only install trustworthy apps and software: Whenever you install software or an application on your device, make sure it is authentic and comes from a trustworthy source.
Avoid visiting unfamiliar websites: To prevent cryptojacking attacks through browsers, be careful about visiting unfamiliar websites. In addition, you can block or blacklist any website known for cryptojacking.
With cryptojacking incidents on the rise, users need to be cautious. Cryptojacking was common during the crypto boom in 2017-18. They accounted for around 5% of all malware in 2018, according to Kaspersky. For instance, in 2018, an L.A. Times-run website The Homicide Report was hacked with a cryptojacking code. Hackers then mined Monero on the devices of whoever visited the page.
In another example the same year, cryptocurrency mining malware was found on the operational technology network of a European water utility control system. The incident significantly hampered the operator’s ability to manage the utility plant.
However, as large mining farms began emerging, a single device’s resources essentially became irrelevant. As a result, the incidents of cryptojacking went down in the last two years.
But, with the recent surge in crypto’s popularity, cryptojacking has made a comeback. As per Kaspersky’s report, 200,045 users encountered miners on their devices in March, compared to 187,746 in January. In the first quarter of 2021, a total of 432,171 unique users encountered miners.
“It’s too early to say for sure if the trend we’ve noted in Q1 2021 is here to stay,” Evgeny Lopatin, a security expert at Kaspersky, noted in the report. “However, it does seem that the increase in the value of Bitcoin and other cryptocurrency has sparked a renewed interest in miners.”
“If the crypto markets remain strong this year, it’s likely we’ll continue to see more instances of users encountering miners.”
