Cryptojacking — New Step In Malware Evolution
Cryptojacking, also known as hidden mining, is the process of secret use of someone’s computing capacity to mine cryptocurrencies. The term “cryptojacking” is rather new. It appeared in 2016 along with the popularization of digital coins. This is another way to make money on cryptocurrency — however, it is considered illegal. Let's find out what hidden mining is and how many users become cryptocurrency miners without even knowing it.
Bad news is that if you have a computer, laptop, smartphone, or other devices with the Internet access, you may become a victim of cryptojacking. Good news is that attackers may sometimes ask for permission to use your computer, but we'll talk about it later.
Types of hidden mining
There are different ways to implement cryptojacking scripts:
- Malware installed on a computer as legal software. It acts as a trojan and uses processing capacity.
- An add-on to a mobile application. A user downloads the “infected” program from App Store or Google Play and receives a hidden miner that will use the resources of the mobile device.
- An Internet browser — the malicious script can be embedded in the page code. A user visits the website, thus running the mining process. The script will work until a browser or a browser tab is open.
As a rule, ordinary Internet users face a web version of hidden mining. In-browser cryptojacking is often used to mine XMR (Monero). The most famous scripts of this kind are Coinhive and Cryptoloot. The script can be embedded in the code of any Internet page.
There are cases when users were given a choice to watch ads or to allow using their computer for mining. However, no one usually asks for permission. For example, the administration of the populars resource The Pirate Bay started using hidden mining for getting Monero tokens. When this malicious activity was discovered, they declared that it was the way to monetize their website.
Any user's device can be checked for hidden mining. Besides, there are some signs that you are a victim of cryptojacking. Mining is a resource-intensive process, so if your PC began working much slower and your processor is overloaded, this is the first indication that your device is infected with a cryptojacking script. Your smartphone can also be checked for hidden mining: if it overheats or its battery is running out of charge too fast, you are at risk.
How does hidden mining influence businesses?
Not only can private persons become victims of cryptojacking, but also large companies. After all, they are much more profitable. Fraudsters hack computer systems and use the capacity of hundreds of computer devices for mining. Their goal at the same time is to remain unnoticed as long as possible.
According to the Fortinet report, the number of companies that were attacked by cryptojackers increased twice from the Q4 of 2017 to the Q1 of 2018. Fortinet is a big antivirus software corporation. According to the research, hidden mining has become a new threat to users' computers replacing ransomware that was popular in 2017.
Corporations have managed to protect their computers from malicious software by limiting its effects on systems. But today they have to face a more difficult problem, which is hidden mining. In the next article, we'll talk about the ways to protect your devices from cryptojacking.