Cryptojacking
Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. To infect their victim computer, hackers send a link in an email. The email that the hacker sends contain a cryptomining code that if the victim is clicking or open the email, the code auto executes and infecting the computer. Hacker also infecting a website or online ad with a javascript code that auto-executes once it loaded in the victim’s computer.
The cryptomining code is working in the background which make the victims can’t notice if their computer is infected or not. The only sign that the victim can notice is slower performance and lags when they use their computer.
How Cryptojacking works
Hacker use two primary ways to get a victim’s computer secretly mine cryptocurrencies. The first way is that they need to trick the victim so that the victim wanted to load the cryptomining code. This way can be done through phishing-like tactics: victims receive a legitimate-looking email that encourages them to click on a link. The link runs code that places the cryptomining script on the computer. The script then runs in the background as the victim works.
The other way to get into a victim’s computer is to inject a script on a website or an ad that is delivered to multiple websites. Whenever the victim visits the website or clicking an ad that already infected, the script automatically executes. The code runs complex mathematical problems on the victims’ computers and sends the results to a server that the hacker controls.
Some cryptomining scripts have worming capabilities which allow them to infect other devices and servers on a network. It also makes them harder to find and remove.
Impact of Cryptojacking
Cryptocurrency mining is a struggle to balance profitability vs. costs. When a cybercriminal uses cryptojacking malware, the entire cost burden is shifted to the victim’s device. The CPU power and electricity (energy) cost is left to the user, who in many cases is unaware such illicit activity is taking place.
Cryptojacking malware can affect any device that has the ability to perform the mathematical computations needed for mining (hashing) for cryptocurrency. While a single device may not mine large sums of cryptocurrency, cybercriminals look to enslave as many devices as possible to maximize their profits.
How to prevent our computer from cryptojacker
To prevent cryptojacking, first user can install an ad-blocker in the computer because ad-blocker helps user to prevent most of the cryptojacking scripts that available in the internet. The second thing that user can do is to keep the systems updated, up-to-date system can fix a hole in the system which protect the system from being able to be breached. Blocking URL/IPs of infected cryptojacking sites and domain also helps the user not accessing the sites that already infected. Implementing network system monitoring also can detect excessive resource utilization. The last thing that user can do is that they need to educate themselves on signs of infection.
References
Committee on National Security Systems: National Information Assurance (IA) Glossary, CNSS Instruction No. 4009, 26 April 2010.
https://www.nist.gov/cyberframework/online-learning/five-functions, accessed July 5 2020