What is Cryptojacking, and How Can You Protect Your Device From an Attack?

What-Is-Cryptojacking,-And-How-Can-You-Protect-Your-Device-From-An-Attack

Crypto’s bull run early this year has resulted in increased cryptojacking incidents. Here’s a lowdown on what the term means, and how you can protect your devices against it.

In the last couple of years, cryptocurrency has grown in leaps and bounds. It all began when Satoshi Nakamoto (a pseudonym) first created Bitcoin in 2009. A little over a decade later, today, there are over 4,000 cryptocurrencies in existence.

While cryptocurrencies have significantly changed the finance world, they come with many cons. And it’s not just the environmental cost of crypto mining. Crypto’s bull run early this year has attracted many cybercriminals to the industry. According to a recent report by security firm Kaspersky, incidents of cryptojacking have soared in the first quarter of 2021.

Lately, the crypto space has also given rise to a new scam – cryptojacking.

What is cryptojacking?

In order to verify transactions on the blockchain and make new crypto coins, individuals have to solve complex mathematical algorithms or puzzles—a process known as mining. Individuals require powerful systems to verify transactions and add a new block on the blockchain.

Large mining farms in countries such as China have dedicated computer rigs to mine crypto. As the process involves powerful systems, it also takes up massive amounts of electricity. This is why, “cryptojackers,” who wish to mine crypto without incurring costs of mining hardware or exuberant electricity bills, hack into other devices.

Cryptojacking is a type of scam in which hackers use someone else’s device without their knowledge to mine cryptocurrency. The hackers install malware—often called miners—on a computer or mobile device. They then use the device’s energy to mine crypto in the background, while the unsuspecting victim uses their device.

Compared to other types of malware attacks, cryptojacking is harder to detect. It doesn’t damage a user’s device or data. It can, however, cause decreased performance, and overheat the devices.

Moreover, once detected, it is hard to trace the malware to the source, and hackers prefer mining cryptocurrencies like Monero and Zcash. These are harder to trace compared to more popular ones like Bitcoin.

How does cryptojacking affect devices?

Cryptojacking can be done in a couple of ways.

First, hackers can infect a website or an online ad with JavaScript code through a hacking process called ‘drive-by.’ When users visit the website, the script auto-executes on their browser. This type of hacking only affects the browser. Every time the victim uses their browser, the code runs in the background, and mines crypto.

Sometimes, even closing a browser is not sufficient to prevent the script from running. Often, hackers use a simple trick to create a hidden pop-up window that fits under the taskbar. As this window goes undetected, the mining continues unhindered.

In 2018, over 60 million Android users were infected by a miner coded into ads. Users who encountered these pop-up ads were redirected to malicious websites. During this time, the malware would mine crypto using the device’s computing power. The attack usually goes undetected as the process remains silent.

The second means to hack a device is by sending emails with malicious links. When a user clicks the link, it automatically runs the crypto mining code and adds the script on the device. This method infects the entire device and the code runs in the background whenever the victim uses their device.

In both cases, once a browser or device is infected, the code uses up the CPU’s power to perform complex calculations. The data is simultaneously sent to a server controlled by the hacker.

Often, hackers can also use both hacking vectors to “maximize their return.” For instance, if a hacker uses 50 different devices to mine crypto, half of them could be using code on their systems installed through malicious emails. Meanwhile, the remaining half could be mining through an infected browser.

Preventing cryptojacking

As cryptojacking largely goes undetected, it is important to take measures to prevent an attack and minimize the impact on your device.

Install ad-blockers and browser extensions: Installing ad-blockers can detect and block any infected ads, thereby automatically preventing malicious code from running on your device. Similarly, anti-crypto-mining extensions on web browsers can also prevent cryptojacking scripts from running on your browser. MinerBlock, No Coin, and Anti Miner are some examples of browser extensions.

Scan for malware: Use cybersecurity software to regularly scan for malware on your system. Such security software can detect any cryptojacking malware on your system and protect your device.

Avoid opening suspicious links in emails: It is important to be cautious about the emails you receive, especially those that come with a link. Double-check the authenticity of the sender before you click any links on a suspicious email.

Only install trustworthy apps and software: Whenever you install software or an application on your device, make sure it is authentic and comes from a trustworthy source.

Avoid visiting unfamiliar websites: To prevent cryptojacking attacks through browsers, be careful about visiting unfamiliar websites. In addition, you can block or blacklist any website known for cryptojacking.

With cryptojacking incidents on the rise, users need to be cautious. Cryptojacking was common during the crypto boom in 2017-18. They accounted for around 5% of all malware in 2018, according to Kaspersky. For instance, in 2018, an L.A. Times-run website The Homicide Report was hacked with a cryptojacking code. Hackers then mined Monero on the devices of whoever visited the page.

In another example the same year, cryptocurrency mining malware was found on the operational technology network of a European water utility control system. The incident significantly hampered the operator’s ability to manage the utility plant.

However, as large mining farms began emerging, a single device’s resources essentially became irrelevant. As a result, the incidents of cryptojacking went down in the last two years.

But, with the recent surge in crypto’s popularity, cryptojacking has made a comeback. As per Kaspersky’s report, 200,045 users encountered miners on their devices in March, compared to 187,746 in January. In the first quarter of 2021, a total of 432,171 unique users encountered miners.

“It’s too early to say for sure if the trend we’ve noted in Q1 2021 is here to stay,” Evgeny Lopatin, a security expert at Kaspersky, noted in the report. “However, it does seem that the increase in the value of Bitcoin and other cryptocurrency has sparked a renewed interest in miners.”

“If the crypto markets remain strong this year, it’s likely we’ll continue to see more instances of users encountering miners.”

Header image by Tumisu from Pixabay

SHARE THIS STORY

Share on facebook
Share on twitter
Share on linkedin
Share on email

RELATED POSTS

CEOs That Crashed and Burned in 2022

CEOs That Crashed and Burned in 2022

As 2022 draws to a close, it is time to sit back and reflect on events that have unfolded this year—the good, the bad and the ugly. We saw massive layoffs in the tech space and a devastating crypto market crash with one crypto company going down after another. You must have seen article after article talking about the situation with Luna and Celsius as well as the recent bankruptcy filings of FTX and BlockFi.

TOKEN2049 London Recap

TOKEN2049 London Recap

TOKEN2049 London is the second part of the greater annual TOKEN2049 event. Every year, the event is held in both Singapore and London, bringing together a wide variety of Web3 participants from developers, thought leaders, founders and investors.

How Charming Men Get Away with Fraud

Bernie Madoff vs. FTX: How Charming Men Get Away with Fraud

The recent FTX scandal has all the trappings of a Netflix drama series where the business tycoon—once lauded for his power moves—is brought down by greed, selfishness and the judiciary system (The Wolf of Wall Street, much?). The CEO of crypto exchange FTX, Sam Bankman-Fried, has come into the spotlight for bringing about the downfall of FTX and his other company Alameda Research. In November 2022, he filed for bankruptcy for both companies after a devastating collapse in the public eye.

New to the Forex Market The Ultimate Toolkit for Success

New to the Forex Market? The Ultimate Toolkit for Success

Foreign exchange trading can be a tricky business. When it comes to choosing what tools will be the most effective in your forex trading journey, there are a few aspects to consider. Whether you are a brand-new trader or a seasoned veteran, some of these tools will always be handy to help you not only find the diamonds in the rough but also stay focused on your goals.

Looking Back on the Top Skincare Trends of 2022

Looking Back on the Top Skincare Trends of 2022

Going makeup free during the COVID-19 pandemic has whipped up interest in skincare, with people spending more on in-clinic aesthetic treatments and buying more skincare products. As of 2022, revenues in the beauty and personal care industry have reached US$534 billion. Of this, the skincare segment makes up a total revenue of US$153.30 billion, growing at a CAGR rate of 5.19% in the next five years.

Is It Ethical to Be “Overemployed”

Is It Ethical to Be “Overemployed”?

According to the American Bureau of Labor Statistics of August 2022, more than 7.5 million workers in the U.S. are overemployed, that is, they hold more than one job. With the pandemic leading to an increase in remote working and making people concerned about job safety, it doesn’t take a genius to see why people would choose to work multiple jobs.