Cryptojacking is the latest trend used by cybercriminals to steal from regular users. However, in this case, it is not sensitive data such as social security numbers or credit card information that is stolen. Cryptojacking is a process whereby attackers use the host operating system to mine cryptocurrency to their wallet address. They are using electricity to mine the new form of finance.
Cryptojacking on the Rise
It is much more lucrative to cybercriminals than some of the old methods, such as ransomware. Cryptojacking software can infect, in some instances, millions of computers, all used to mine a cryptocurrency. The only notification that a computer is infected will typically be a massive electricity bill. In China, over one million computers were reportedly infected in a huge cryptojacking heist involving internet cafes and computer hardware companies. The cryptocurrency most often chosen is Monero (XMR). It is one of the most secure and untraceable privacy coins, nearly impossible for authorities to detect.
According to a McAfee Report, cryptojacking has increased by 86% in Q2 2018. Governments and universities are prime targets for cryptojacking malware. Coinhive, a JavaScript-enabled cryptojacking malware, infected over 400 large websites. Infected sites were compromised due to using an outdated version of Drupal (one of the popular content management system). Cryptojacking can typically affect organizations more than individuals. With hundreds of computers all draining electricity and computing resources to mine cryptocurrency for hackers, the cost adds up. However, the first quarter of 2018 saw a 4000% increase in Android cryptojacking, meaning that even personal smartphones are not safe.
How to Protect Against Cryptojacking
Many of the basic security principals will protect against cryptojacking. The most important consideration is to stop downloading and running free software as much as possible along with opening questionable email attachments. Viruses can only run on your computer when you give them permission. It is also a good idea to updates all versions of the software. Coinhive mainly infected outdated versions of Drupal for this reason, and updates are essential for any OS or web service.
Cryptojacking malware can launch on your computer when you click on a malicious link in an email. Certain web pages can also have cryptojacking malware installed using JavaScript (such as the Coinhive malware), so visitors to that page will be mining cryptocurrency. This is known as drive-by cryptojacking, and can even infect Android devices. Even when the user leaves the page, a hidden popup is still running which is draining system resources. These popups are often designed to fit under the clock or taskbar so they cannot be seen. This can be prevented by disabling JavaScript on websites and enabling it on the ones that you need to use.
It is also imperative to avail of a high-quality antivirus solution to protect from cryptojacking. This will streamline device security. Instead of manually trying to check for viruses on your device, the antivirus solution is constantly on the lookout for malicious activity. Many of these antivirus programs serve multiple purposes, including ad blockers, VPNs, malware detection, password management etc. It is difficult to detect cryptojacking malware without an antivirus program. This is because they are designed to hide in the background without being noticed.
The first signs of cryptojacking will be a computer that is slower than usual along with a large electricity bill. The best option for preventing cryptojacking (sometimes called crypto mining) is perhaps to use a specialized extension on a major browser which is designed to prevent it. Such programs include “No Coin” and “Miner Block”. The latest version of the Opera browser even has No Coin built in.