As the name signifies, crypto jacking is the unauthorized use of a computer, tablet, mobile phone by cybercriminals to mine for the cryptocurrency. According to Norton, in the last few years, crypto jacking has gained ground as cybercriminals are able to hack into machines with just a few lines of code. Meanwhile, it is the victim who has to bear the cost of computation and electricity required to mine cryptocurrency while the cybercriminals walk away with the tokens.
Sign up for your weekly dose of what's up in emerging technology.
Data from Norton shows that towards the end of 2017, when the value of cryptocurrencies shot up significantly, there were around 8 million coin-mining events blocked by Symantec in December alone. Since crypto jacking can deliver lucrative results, miners resorted to the coin-mining activity which increased by 34,000 per cent over the course of the year.
Understanding cryptocurrency mining
Let’s define cryptocurrency. This is a digital asset that has been created to work as a channel of trade. The technology uses a process named cryptography which guards all of the transactions and regulates the formulation of additional units of the currency. These digital currencies are also categorised as alternative currencies and virtual currencies.
According to whitepaper authored by Cyber Threat Alliance, Cryptocurrencies are developed through a process known as mining, wherein the digital currency is awarded to individuals or groups that use computing processing power to solve complex mathematical equations. In the majority of cases, mining is conducted by users legitimately through programs or applications that run on computers or via web browsers that mine coins. Cryptomining allows limited mining of Crypto assets and regulates their production by making it difficult to release new assets when a huge amount of blocks are mined. Some of the most popular cryptocurrencies are Bitcoin, Ethereum, Litecoin, Monero and Zcash. Bitcoin was the first blockchain coin to be introduced in the market. According to CTA whitepaper, the majority of hackers mine Monero as the computing resources required for this virtual currency are less as compared to other currencies.
What are the ways crypto jacking is carried out?
Cryptojacking has become an attractive alternative for cybercriminals and in the last few years has emerged as a lucrative revenue generation option. Let’s see what are some of the ways crypto jacking works.
Malicious emails or phishing which can plug crypto mining code on the computer: One of the most widely used ways is through malicious emails that can install crypto mining code on a computer. This is done through phishing tactics wherein the user receives an innocuous link or an attachment in the email. When the user clicks on the link or downloads the attachment, this triggers the code that downloads the crypto mining script on the computer. This script functions in the background. In this instance, the hacker receives the result on his server directly.
Web browser miner: Another widely used tactic is web browser miner wherein the hacker plugs in the crypto mining script on a website or in an ad. This is one of the most commonly used methods and when users visit the website or click the ad, the script is automatically executed. In this case, there is no code stored on the victim’s computer.
How to detect crypto jacking on your device
Just like any other malware infection, illicit cryptocurrency mining can be detected. Here are some of the ways to prevent crypto jacking
- An increased processor usage on your device is an indication of malware
- Sluggish or unusually slow response times
- Overheating of the device can also be caused due to crypto jacking
Cryptojacking Is Here To Stay
Some of the recent examples of illegal crypto mining are where YouTube was caught in the crypto scandal when one of the YouTube ads was compromised and began mining operations in users’ browsers. Meanwhile, recent reports indicate that Facebook Messenger and Starbucks Wi-Fi users were also victims of coin mining operations when their services were compromised by hackers who were using CoinHive.