CryptoJacking: A Technique Used By Hackers To Mine Cryptocurrencies

CryptoJacking

CryptoJacking: A Technique Used By Hackers To Mine Cryptocurrencies




 

[Update] CryptoJacking is the top Cybersecurity threat for mining cryptocurrencies in 2018. According to McAfee report, it grows approx 630 percent in the first quarter of 2018. The security researchers also found that, the fake Adobe Flash updates to push mining the cryptocurrencies through Malware.

As we all know Cryptocurrencies boom is on rise. In just few months, many cryptocurrencies have reached their all time high and given a hefty returns to their investors. So some of the Hackers are now finding ways to capitalizing these crypto coins by stealing it from user’s wallets. CryptoJacking is the process of using your computer silently to mine cryptocurrencies.

It’s quite similar to Ransomware. In Ransomware, your computer device infects through a file extension. But in Cryptojacking it infects your computer through a browser.

As we all know many Cryptocurrencies are Mineable. So Cybercriminals are using your computer to mine Cryptocurrency. Hackers are also trying to do some phishing via email by sending you a malicious link in the email that silently execute cryptomining code in your computer background. And by hijacking the website they could even insert malicious code in the victim’s browser.

CryptoJackers are now approaching Ad companies to insert malicious ad code to display it to a wide number of users.

CoinHive is the company which developed the script for Cryptojacking as a revenue alternative.

How does it Work?

  • CryptoJackers are using JavaScript on a web-page to mine crypto coins.
  • In browser mining, there is no need to install any software. They are just required to visit that particular website.
  • There is no way to detect malicious link immediately, because it does not affect website performance.
  • It runs silently.

CryptoJacking is on Rise





Last November, Adguard reported a 31 percent growth rate for in-browser cryptojacking. Its research shows 33,000 websites are running crypto mining scripts. Adguard estimated that those site had a billion combined monthly visitors. This February, The Bad Packet Report found 34,474 sites running Coinhive, the most popular JavaScript miner that is also used for legitimate crypto mining activity.

“Crypto mining is in its infancy. There’s a lot of room for growth and evolution,” says Marc Laliberte, threat analyst at network security solutions provider WatchGuard Technologies. He notes that Coinhive is easy to deploy and generated $300 thousand in its first month. “It’s grown quite a bit since then. It’s really easy money.”

How to detect CryptoJacking?

There are some basic ways to detect cryptojacking in your Computer:

  • If your computer is running very slow and giving poor performance.
  • If CPU is heating excessively.
  • We can also detect it via Network Monitoring tools.
  • There are many artificial intelligence companies which analyzes network data to detect CryptoJacking.

According to report CryptoJacking attacks in UK have surged by 1200 percent in just few months. Earlier in Feburary, Information Commissioner’s office attacked by cybercriminals after insert a crypto mining scripts into a browser plugin.

More than 1400 currencies have existence in the crypto market. A privacy focuses cryptocurrency called Monero is commonly mined by Cryptojackers.

Recently Tesla was hacked for CryptoJacking, there are many open source plugins that allow without a password.

How can we Protect?

  • Install Ad blocker and Cryptomining Protection Extensions in your Browser.
  • In Chrome, there is a popular protection extension called No Coin to block Coinhive mining.
  • Ad blocker plus has capability to detect cryptomining scripts.
  • Always Keep your computer and browser updated.
  • Use AntiRansomware protection tools along with your Antivirus.