Cryptojacking is a recent phenomenon in the incidences of cyber security breach. It essentially is tied up with mining of crypto currency, so let us first understand what that is and then turn to cryptojacking again.
About Crypto Currency
Crypto currency is a new electronic cash system that uses a peer-to-peer network to prevent double-spending. It’s completely decentralized with no server or central authority. A typical crypto currency consists of a network of peers. Every peer has a record of the complete history of all transactions and the balance of every account, maintained as a blockchain. A transaction gets confirmed only when the networking peers confirm it. Crypto currency mining is a process in which transactions for various forms of cryptocurrency are verified by miners and added to a blockchain digital ledger. In other words, only miners can confirm transactions. This is their job in a cryptocurrency-network - they take transactions, stamp them as legitimate and spread them in the network. After a transaction is confirmed by a miner, every node has to add it to its database. It has become part of the blockchain. The mining process itself involves solving complicated mathematical problems with cryptographic hash functions that are associated with a block containing the transaction data.
The first cryptocurrency miner to crack the code is rewarded by being able to authorize the transaction, and in return for the service provided, cryptominers earn small amounts of cryptocurrency of their own.
What Cryptojacking is
Let us now come back to cryptojacking and see how all the above fits with it. You see, it takes a huge amount of computing power to solve the blockchain puzzle. Miners are typically people with limited computing resources, operating with one or two machines. As the race to mine the next piece of information that will validate the blockchain hots up, miners look at more and more resources to solve it first. Enter cryptojacking. Simply put, cryptojacking is the unauthorized use of someone else’s computing power to mine cryptocurrency.
How Cryptojacking Works
A prime example of how deep rooted the problem is can be gleaned from the fact that some websites of the government of Ontario have been compromised. In this particular case, cryptominers took advantage of a vulnerability in a plugin called Browsealoud before the parent company took it down.
The Cryptojacking Gold Rush
Experts fear that cryptojacking is entering a ‘gold rush’ phase, and that hackers are
slowly turning from ransomware to cryptojacking. While this can be considered as the lesser of two evils, these experts fear this trend will continue only as long as the prices of cryptocurrencies are on the rise.
There are three major reasons why cryptojacking is on the rise:
- It does not take too much technical knowledge to run a cryptojacking script. Readymade cryptojacking kits are available for less than $50 on the dark web.
- it is difficult to catch the culprit who is cryptojacking vis a vis ransomware. The crypto mining code runs in the background and unless you are very alert, you do not even realize that something is amiss. Secondly, it is very hard to trace back to the source, and since the cryptojacker does not steal anything save CPU power, most victims do not bother to pursue the perpetrator.
- Once a computer is infected with the cryptojacking script, it starts stealing CPU power in all instances. In ransomware attacks, there is a strong likelihood that the victims refuse to shell money; opting instead for formatting their machines.
Since cryptojacking is more of an annoyance than threat, most people consider it relatively harmless. However, it costs network cost, electricity and CPU wear and tear if not apprehended at the start.
Detection and Prevention of Cryptojacking
As has been pointed out repeatedly, detecting cryptojacking is not easy. The first visible signs that your CPU has been hijacked are when the fan starts to overheat or the machine becomes slow. In extreme cases, the machine may stop functioning, especially a tablet, smart phones or a thin client.
Since it is not easy to determine if your CPU has been hijacked, it is not easy to find a fix either. As mentioned above, cryptojackers usually use either a web server or infiltrate a machine. The best way is to monitor your web server periodically for any changes in the web pages. Secondly, use updated anti-virus and boot scan your machine at least once a week. If you have an office expert, it is better to hire a professional internet security service provider; that would be your best bet. Do remember that cryptojacking is only a part of cyber security and there are other threats lurking around!