In some ways, cryptojacking seems like a victimless crime. Hackers steal a bit of computing power from legions of electronic devices – including PCs, network routers and cameras – surreptitiously using it to mine for valuable cryptocurrencies like Bitcoin or Monero.
Virtually unheard of five years ago, cryptojacking has exploded, rising 459 percent since 2017, according to the Cyber Threat Alliance. Unlike other types of hacking, cryptojacking isn’t an outright threat. In fact, the hackers hope you never discover it. Better for them to run quietly in the background, using the accumulated compute power to verify transactions on a blockchain, the digital ledger on which cryptocurrencies are created. By solving the cryptographic equations, the hackers earn digital currency. It’s like printing money, only digitally.
There are two forms of cryptojacking. One is malware that can be delivered to a device in various ways, via a phishing email for example, and then uses the device’s processing power to mine 24/7. The other is through mining scripts that hackers insert into the code of websites. These scripts use your PC’s compute power, but only while its browser is visiting the website itself.
Today, it’s more of a nuisance than a direct threat: the only sign you’ve been cryptojacked is a warmer computer or abnormally high CPU usage. Nevertheless, the malware can and should be detected and removed through anti-malware and anti-virus tools, as well as always-on monitoring. Avoiding website-based cryptojacking is more problematic. You could install a “no-script” browser extension, which blocks all dynamic content, but your users won’t be happy. It essentially “breaks” the internet, because dynamic content like video is so pervasive today. Another option is to blacklist certain “known bad” sites, which is neither fool-proof nor easy to maintain.
The capability that cryptojacking demonstrates is where the real danger lies. Today, hackers are hijacking devices to mine crypto. But, tomorrow, they might use it to do more nefarious things, like orchestrating distributed denial of service attacks on a website or hosting illicit content.
So, how can you protect your devices from the cryptojackers? For the malware variant, it’s pretty straightforward:
- Patch, update and harden all your devices and systems, as the hackers are usually exploiting a known vulnerability to deliver the malware.
- Maintain good, 24/7 monitoring to spot it, so you can remove it, in case it manages to get past your defenses.
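One way to turn the monitoring advice above into a concrete check, as an added example that is not from the original article: flag any process that stays at high CPU for several minutes in a row, rather than alerting on a single spike. The sample readings, host and process names, the 80 percent threshold and the five-minute window are all constructed assumptions.

```python
from collections import defaultdict

# Constructed one-minute CPU samples: (minute, host, process, cpu_percent).
# In practice these would come from an endpoint agent or monitoring platform.
SAMPLES = (
    [(m, "ws-01", "chrome", c) for m, c in enumerate([35, 92, 88, 30, 25, 40, 33, 28])]
    + [(m, "ws-02", "svc-updater", c) for m, c in enumerate([12, 97, 98, 96, 99, 97, 98, 96])]
    + [(m, "ws-03", "backup", 90) for m in (0, 1, 2, 6, 7, 8)]
)


def sustained_high_cpu(samples, threshold=80.0, min_minutes=5):
    """Return {(host, process): longest_run_minutes} for runs >= min_minutes.

    A run is a streak of consecutive one-minute samples at or above the
    threshold. A lower reading or a missing minute breaks the streak, so
    short bursts (page loads, compiles, video calls) are not reported.
    """
    series = defaultdict(list)
    for minute, host, proc, cpu in samples:
        series[(host, proc)].append((minute, cpu))

    findings = {}
    for key, points in series.items():
        longest = run = 0
        prev_minute = None
        for minute, cpu in sorted(points):
            if cpu >= threshold:
                contiguous = prev_minute is not None and minute == prev_minute + 1
                run = run + 1 if (contiguous and run > 0) else 1
            else:
                run = 0
            prev_minute = minute
            longest = max(longest, run)
        if longest >= min_minutes:
            findings[key] = longest
    return findings


if __name__ == "__main__":
    for (host, proc), minutes in sustained_high_cpu(SAMPLES).items():
        print(f"{host}: {proc} held >=80% CPU for {minutes} consecutive minutes")
```

A hit from a check like this is a prompt to investigate the process, not proof of mining; legitimate jobs such as backups or rendering can also run hot for long periods.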
For the website variant, there are fewer good options:
- Use this tool, https://cryptojackingtest.com/, developed by Opera, to see if your browser is vulnerable. And don’t be surprised if yours is, because most browsers are.
- Use a “no script” program and a legitimate ad blocker. Be prepared, however, for complaints from end users. Today’s websites use so much dynamic content, such as video, that eliminating scripts will make websites appear more like the old, static internet of 15 years ago. Users won’t like this stark reversion to “internet 1.0.”
While cryptojacking may not seem like a big threat right now, the underlying system vulnerabilities it exploits should not be taken lightly. For more information on protecting your organization from cryptojacking, hackers and other cyberthreats, visit www.btbsecurity.com and learn how we can help you improve your security posture.