Hackers have found ingenious ways to hijack the popularity of cryptocurrency and milk it in the form of cryptojacking. First reported in late 2017, cryptojacking is the unauthorized use of devices to mine cryptocurrency. Think of its as an offshoot of cyber theft, but instead of your financial or personal information, hackers are stealing your computer’s power and processing resources to, ultimately, pocket cryptos.
There are three ways by which hackers hijack a device to secretly mine cryptos:
The first is by tricking unsuspecting victims into clicking and downloading a code. Once installed on the device, the code can carry its unauthorized mining without the owner knowing. This file-based cryptojacking is similar to phishing scams where users receive authentic-looking emails that lure them to click a link.
The second tactic is through web browsers like Chrome, Safari, and Mozilla. Hackers use programmable language to create a script and embed it into websites that the user accesses via a corrupt web browser. When a user goes to a website, the script automatically runs. This tactic yields no traces of code, leaving the user clueless.
Lastly, hackers may target cloud services to look for API keys. Once located, the keys are used to access the owner’s CPU resources so hackers can mine cryptocurrency, resulting in increased electricity and power consumption. Although this tactic is more complex than the previous two, it remains a threat especially for companies that adopt cloud services.
Cryptojacking incidents
As crypto’s popularity rose, so did cryptojacking incidents. According to SonicWall, a California-based network security provider, there were 51.1 million incidents related to cryptojacking in the first six months of 2021, a 23% surge from the year-ago period.
The first widely reported cryptojacking attack was in September 2017 at the height of Bitcoin. Now-defunct cryptocurrency mining service Coinhive published a code that website owners were supposed to run on their device to mine cryptos and earn money. Hackers took advantage of this and exploited the code using their own scripts, hijacking the power resources of unsuspecting website visitors and mining Monero crypto.
In a separate high-profile case in 2018, a code was discovered to be embedded in the Los Angeles’ Times’ Homicide report page, attacking the device of anyone who visited the said website. The script was also used to mine Monero, but the incident was not immediately detected as the hackers used minimal processing resources out of the victims’ devices.
How can you protect your device from cryptojacking?
Check Your CPU’s Usage
Any unusual increase in the usage of your central processing unit (CPU) when loading a website or page with very minimal media content is a red flag. You can check this through your device’s Task Manager or Activity Monitor.
Another sign of an attack is a sudden decline in your device’s performance. Barring connectivity issues, if your PC is taking so long to load a page, this might be an indication that your device is already comprised. Regularly checking your device’s CPU will minimize any impact of such attacks on your system.
Install Anti-Virus and Anti-Malware Software
As the old adage says, prevention is better than cure. Install and update your anti-virus software to protect your device against cyberattacks. Some of the leading options are Webroot, McAfee Total Protection, Bitdefender. In some cases, you may have to perform manual scans periodically or install software updates.
Browser Maintenance
Many cryptojacking incidents occur on web browsers and prey on unsuspecting visitors. Hence, it pays to regularly check that your browser is updated. Chrome, Mozilla, and other peers regularly update their browsers to add basic defenses against new forms of cyberattacks.
You must also pay attention to your browser extensions as numerous malware pose as apps. If something looks unfamiliar, best to delete it to protect your device.
Use Anti-Crytpomining Extensions
There are several anti-miner extensions that block cryptomining scripts from penetrating your browser. Some examples are Miner Block and Anti Miner, both of which can be installed for free and are available on Google Chrome.
Use Ad Blockers
While you might think that they are harmless, some pop-up ads could compromise your device through a cryptojacking script hidden within the said ad. You can add browser extensions like AdBlocker to prevent this from harming your device.
About AlgoBlocks
📹 Demo Video: https://www.youtube.com/watch?v=D3ZnUAqFdWg 🌎 Website: www.algoblocks.io 🐦 Twitter: https://twitter.com/Algoblockstrade 📎 Whitepaper: https://algoblocks.gitbook.io/algoblocks/ 🎮 Discord: https://discord.com/invite/vbtrYAd4ma 👥 Telegram Group: https://t.me/algoblockss 🗣 Telegram Channel: https://t.me/algoblocks ✍🏻 Medium: https://medium.com/@algoblocks 💼 LinkedIn: https://www.linkedin.com/company/algoblockstrade/
Commentaires