What is Cryptojacking?
Cryptojacking is a type of cyber-attack that involves the unauthorized use of someone else’s computer or device to mine cryptocurrency. It has become more prevalent in recent years as the value of cryptocurrencies has increased. It happens when a hacker infects a computer or device with malware, enabling them to use the device’s processing power to mine cryptocurrency. The victim’s computer or device becomes part of a network of devices used to mine cryptocurrency for the attacker’s benefit, and as a result the victim’s computer runs slower and consumes more electricity.
How does Cryptojacking work?
- The attacker embeds cryptocurrency mining software into a website or a piece of software that the victim downloads and installs.
- When the victim visits the website or launches the software, the mining software begins to use the victim’s computing resources to mine cryptocurrency.
- The mined cryptocurrency is then transferred to the attacker’s wallet.
- The victim’s computing resources are used without their knowledge or consent, often causing their device to slow down or crash due to the strain on their hardware.
One of the key characteristics of cryptojacking is that it is often difficult to detect. The malware that is used in a cryptojacking attack is designed to run quietly in the background, so the victim may not even realize that their computer is being used for cryptocurrency mining. This makes it difficult for antivirus software to detect the malware, and it also makes it difficult for the victim to identify the source of the problem.
Methods of Cryptojacking:
- Malicious browser extensions: Some browser extensions are secretly mining cryptocurrency in the background while the user is browsing the web.
- Malware: Cryptojacking malware is a type of malicious software that is designed to infect a victim’s device and use its resources to mine cryptocurrency. This type of attack can be delivered through phishing emails, social engineering, or other means.
- Rogue cloud instances: Cryptojacking attacks can also occur in cloud environments, where attackers can spin up rogue cloud instances to mine cryptocurrency.
- Unsecured servers: Attackers can also exploit unsecured servers and use their computing resources to mine cryptocurrency.
How to detect the attack?
There are, however, a few ways to detect these attacks:
- Monitor your computer’s performance: If your device is experiencing unusually slow performance, including a sudden drop in processor speed, it could be a sign of a cryptojacking attack.
- Check your browser: Some cryptojacking scripts will run in the background of your browser. If you notice any suspicious activity, such as ads that keep popping up or constantly reloading pages, it could be a sign of a cryptojacking attack.
- Check your network traffic: If you have access to your network’s traffic, you can monitor for any unusual activity. If you notice a large amount of data being sent to or from unknown sources, it could be a sign of a cryptojacking attack.
- Monitor your electricity usage: Cryptojacking can use up a lot of electricity, so if your electricity bill suddenly increases, it could be a sign of a cryptojacking attack.
- Install anti-cryptojacking software: Anti-cryptojacking software can detect and block malicious scripts from running on your device.
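As an added example (not part of the original article), the performance and network checks above can be combined: flag processes whose CPU use stays high across consecutive samples, and list the destinations they contact that are not on a known-hosts list. The sample data, process names, host names and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed samples, not real telemetry:
# (seconds since start, process name, CPU %, remote host contacted or None)
SAMPLES = [
    (0,   "browser",    35.0, "news.example"),
    (0,   "updater",    92.0, "updates.example"),
    (0,   "helper-svc", 96.0, "pool.unknown.example"),
    (60,  "browser",    12.0, "news.example"),
    (60,  "updater",     3.0, None),
    (60,  "helper-svc", 97.5, "pool.unknown.example"),
    (120, "browser",    40.0, "news.example"),
    (120, "updater",     2.0, None),
    (120, "helper-svc", 95.0, "pool.unknown.example"),
    (180, "browser",    20.0, None),
    (180, "updater",     4.0, None),
    (180, "helper-svc", 98.0, "pool.unknown.example"),
]

# Assumed allowlist of destinations this machine is expected to contact.
KNOWN_HOSTS = {"news.example", "updates.example"}


def find_suspects(samples, known_hosts, cpu_threshold=80.0, min_consecutive=3):
    """Return {process: sorted unknown hosts} for every process whose CPU
    stays at or above cpu_threshold for min_consecutive samples in a row.

    A short burst (an updater running once) resets the streak and is not
    flagged; a miner keeps the CPU busy sample after sample.
    """
    streak = defaultdict(int)    # current run of high-CPU samples
    longest = defaultdict(int)   # longest run seen per process
    unknown = defaultdict(set)   # hosts contacted that are not allowlisted
    for _, name, cpu, host in sorted(samples, key=lambda s: s[0]):
        streak[name] = streak[name] + 1 if cpu >= cpu_threshold else 0
        longest[name] = max(longest[name], streak[name])
        if host is not None and host not in known_hosts:
            unknown[name].add(host)
    return {name: sorted(unknown[name])
            for name, run in longest.items() if run >= min_consecutive}


if __name__ == "__main__":
    for proc, hosts in find_suspects(SAMPLES, KNOWN_HOSTS).items():
        print(f"{proc}: sustained high CPU, unknown hosts: {hosts or 'none'}")
```

A flagged process with no unknown hosts may simply be a legitimate heavy workload; sustained CPU load together with an unrecognized destination is the combination to investigate first.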
Cases of Cryptojacking:
- One of the first instances of a cryptojacking attack on an industrial control system happened in the year 2018 when the operational technology network of a European water utility control system was the target of cryptojackers, substantially impairing the ability of the operators to manage the utility plant.
- In 2021, a new strain of the ‘Sysrv’ malware was discovered that specifically targeted web servers and was used to launch cryptojacking attacks.
- In 2019, researchers discovered a new type of malware called “Fileless” specifically designed to evade traditional security systems and used in widespread cryptojacking attacks.
Despite the difficulties in detecting and protecting against cryptojacking, it is still possible to take steps to minimize the risk of falling victim to these attacks. For example, individuals can be cautious when opening email attachments or visiting websites and be vigilant about keeping their operating systems and antivirus software up to date. Organizations can also take steps to educate their employees about the dangers of cryptojacking, and they can encourage their employees to report any suspicious activity on their computers. They can also implement security awareness training programs that help employees to understand the risks associated with cryptojacking and other forms of cyber-attack.
Cryptojacking is a growing threat that poses a serious risk to individuals and organizations alike. While there is no foolproof method for preventing these attacks from happening, it is still possible to take steps to minimize the risk of falling victim to a cryptojacking attack. Individuals and organizations can reduce the risk of falling victim to this growing threat by being vigilant, taking precautions, and implementing effective security measures.
Author: Ms. Sakshi Singh, Intern, CyberPeace Foundation.