Cryptojacking

Act before you fall victim

Taba Zimmerman

What is cryptojacking?

A nefarious scheme to utilize devices (computers, smartphones, tablets, etc), without the consent or knowledge of the owner, to covertly mine cryptocurrencies (such as bitcoin) at the cost of the victim.

 

This is a relatively new online threat, but is emerging as one of the most prevalent.

 

How it works

Some methods of cryptojacking are utilized that act like classic malware. An email is sent to you (appearing to be from someone you know) containing a link that sends you to a malicious site that instantly loads a cryptomining code onto your computer. Once the device is infected, the cryptojacker hides in the background processes of your system and works constantly to mine cryptocurrency.

Another method is called drive-by cryptomining. This involves the embedding of a piece of JavaScript code into a web page. Anyone who visits the infected page has their system mined for cryptocurrency. This form of cryptojacking can infect Android devices, as well; however, some of the attacks are performed through hidden Trojans in a downloaded app.

While cryptojacking does no damage to a victim’s data, it is still stealing the resources of the processor in your devices, which make your systems run much slower, and, for larger organizations affected, can incur extreme costs in electricity, IT labor and missed opportunities.

 

Detection and Prevention

It is extremely difficult to detect that a system was affected by cryptojacking after the fact and finding the origin of the high CPU usage is incredibly challenging. Some processes may be hiding or masking themselves as something legitimates to hinder you from ending the drain on your device’s systems and the slowness the cryptojackers cause will make it even harder to troubleshoot the issue.

There are some options to protect yourself from cryptojacking, however. One such option is to block JavaScript in the browser you use for internet browsing to interrupt the drive-by cryptojacking, but this could also block you from using certain features that you like and may need. Another option is to use specialized programs that block mining activities in popular browsers. Some of these have extensions for Chrome, Firefox, and Opera, but ultimately the best option is to install security before you become a victim.

Don't wait until you become a victim.

Join us now and make your company a more secure place.