Cryptojacking is a process using which cybercriminals overtake devices like PCs, mobile phones, tabs or smart home devices for mining cryptocurrency without the knowledge of the owners of said devices.
This is done via a malicious script that has been downloaded on your device alongwith an unsecured software download. Such scripts run in the background and usually make your device slower as the processes are being used to mine cryptocurrency.
Reasons why cryptojacking takes place
The cryptocurrency revolution has enticed a lot of people, and this holds true for cybercriminals too. In an age where cybercriminals use ransomware attacks – obtaining personal information of people and using this to blackmail them in exchange for some cryptocurrency – cryptojacking is the new trend.
While cryptojacking, they don’t have to go the extra length to blackmail people but can instead use their victim’s device for mining cryptocurrency.
The more devices they get access to, the better the processing power, which translates into greater mining efficiency.
Cryptojacking attacks are primarily carried out to mine Monero or any other altcoins, which are a type of cryptocurrency that has average processing requirements and cannot be traced. This makes it difficult to monitor where these coins mined on a victim’s device are sent.
“Stealing has moved from using a gun to using a computer. And as long as cryptocurrencies have value, criminals will use computers to steal it. What cryptojacking shows is that someone doesn’t even need to own cryptocurrency to be a victim,” says Kevin Haley, Director of Symantec Security Response
Also read: 15 important cryptocurrency terms that you should know
How cryptojacking works?
Any device that runs software and is connected to the internet is susceptible to a cryptojack attack. Mostly, desktops are targeted because they have higher processing capabilities as compared to other handheld devices like smartphones or tablets.
Drive-By Attack
This is a prevalent type of a cryptojack attack. If a device that can open a web browser opens a website that has an embedded mining JavaScript in its source code, crytojackers can get the necessary processing power required to mine the cryptocurrency.
‘CryptoHive’ was such a mining script that was detected to be embedded in PirateBay’s source code. Pirate Bay is a popular website that provided torrent downloads for popular movies and TV shows, and is presently banned from use.
Cryptojacking malware
Common cryptojacking malware is available and like any other malware it can trick you and install itself on the device, following which a mining script will run in the background.
Since new-gen mobile phones also have much more advanced processing units than before, cybercriminals have also tried to attack phones by wrapping a cryptomining script into apps and deploying them on popular App Stores such as Google Play Store, Apple app store and Amazon app store.
These attacks can also take place in IoT networks wherein once they get access to the smart devices in that network, they can use their processing capabilities for mining crypto coins as well.
Also read: 3 major problems with Cryptocurrency
How to detect cryptojacking?
The common symptoms of a device that has been cryptojacked includes:
- Performance is decreased
- High CPU usage recorded in the Task Manager
- The device heats up too soon due to increased use of the processor
- Faster battery drainage noticed in case of Laptops and Mobile Phones
- PCs will consume more power than usual, and you will be charged much more than before for electricity on your monthly bill
How to prevent cryptojacking?
Web Browsers
As soon as one closes a window or navigates away from a page that has been cryptojacked, cryptojackers lose access to that device’s processing units. So remember to always close tabs that are not in use and try not to visit sites that are not trustworthy.
Install dependable Anti-viruses
Always purchase trustable anti-viruses like Kaspersky, BitDefender and Quickheal, among others, that will detect and remove malware from your device.
Install apps from trusted App Stores only
Google was able to remove all the apps that had cryptomining scripts in their codes from the Play Store. If you download apps from other untrusted third-party sources, you are likely to be susceptible to cyrptocurrency attacks.
In the news: Opera Touch launched for iOS with Ad blocker and cryptojacking protection