First there was hacking. Then there was ransomware, phishing, and denial-of-service attacks. Now the latest kind of cyberattack is called cryptojacking.
Although the symptoms may not be as dramatic as other forms of cyber crime, the results should not be underestimated. Also unlike most cyberattacks, the threat is not meant to be exposed.
Essentially, cryptojacking is when a criminal hijacks a computer — a laptop, desktop, tablet, server, or even mobile device — and uses it to mine cryptocurrency without the user’s knowledge or permission.
In order to mine cryptocurrency legally, someone has to build a dedicated cryptomining computer, and pay for the internet and power bills that go along with it. Criminals who would rather not go through that trouble and expense steal those computing resources from their victims’ equipment.
That’s why you might not even notice that it’s happening — in fact, the criminal is hoping that you won’t notice so that he can keep it going as long as possible. But it isn’t a victimless crime. Like a leech, cryptojacking is feeding off of your resources and will tax your computer system, slowing down other processes, increasing your electrical bills, and decreases the life of your computer. An extremely subtle attack might not raise any red flags.
If your notice the fan on your PC or Mac kick in more than usual, that could be an indication that your device is compromised. Also be on the lookout for your machine operating slower than usual.
What motivates someone to do something like this? Money. Mining cryptocurrencies is especially lucrative when you aren’t paying anything to extract coins.
How do cryptojackers get in?
Like any cyberattack, by understanding how the threat works, you’re better able to defend against it.
One of the methods used to infiltration is a classic malware strategy. The victim clicks a malicious link in an email, and the cryptomining code is installed directly onto their computer. Once infected, the cryptojacker begins mining bitcoin in the background. This is a local threat to a PC, meaning that the computer itself is infected.
Another way it works is something called “drive-by cryptomining”. This is a piece of code installed on a web page. When victims visit that page, their machines begin cryptomining for the criminal.
What’s the best way to defend against cryptojacking?
As you can see, this kind of cyber crime is very hard to detect. Once detected, it’s also difficult to detect the source of the infection. The best offence is a good defence: getting a security solution installed before the attack is far better than getting it after.
One solution is to block JavaScript in your browser so that it’s unable to victimize you as you browse the internet. The downside is that you may use JavaScript for other things. You can get programs that block mining activities in certain browsers.
The best solution is probably to get a comprehensive cybersecurity program to run on your devices.