Cryptocurrency investors are constantly alerted to the threat of hackers trying to steal money from online cryptocurrency trading, and have said that they keep their cryptocurrency offline as a precaution. But now there is a new threat in town, and preventing it may not be that simple. Cryptojacking, also known as malicious cryptomining, is one of the latest threats to cryptocurrency investors, and in the hacking sector it has overtaken malware in number of attacks in 2018. Kaspersky reports that almost half of users suffered a cryptojacking attack in the past year, and this number is not expected to decrease as long as cryptojacking remains profitable for hackers.
This guide takes a look at this new threat, exploring the trends forecast for 2019, and what precautions cryptocurrency investors can take to defend themselves against cryptojacking.
What is Cryptojacking and why is it harmful?
Basically, cryptojacking is the theft of your computer's processor (CPU) resources to mine cryptocurrencies. It's not just your computer: hundreds or thousands of desktops and laptops, Windows servers and even mobile devices are targeted, since mining traditional coins like Bitcoin and Monero consumes so much CPU. Hackers have discovered that cryptojacking is the only way to compete against the powerful computers used to mine these coins. Most cybercriminals prefer to concentrate their efforts on mining more anonymous coins such as Zcash and Monero to avoid any tracing (Bitcoin transactions have been successfully tracked by law enforcement).
Because cryptojacking attacks such a large number of targets simultaneously over a long period of time, many users are not even aware that they have been cryptojacked, apart from higher bills or a slower computer. But when cryptojacking is scaled up and larger organizations with many different computer systems are attacked, the costs can be much more consequential. Cryptojacking of servers can be particularly damaging, as in the case of the Smominru cryptomining botnet, which infected computers in Russia, India and Taiwan and had raised over $3.6 million by the end of January this year.
How does Cryptojacking work?
This method of attack will not disappear soon. If anything, it is in its initial stages and will only grow in sophistication. Currently, there are two main methods for launching a cryptojacking attack:
Malware Script – In this method, a user clicks a link containing malware, which downloads code that installs itself on the computer and starts mining cryptocurrency from it. Unfortunately, even the best anti-virus products do not offer much protection. This type of cryptojacking takes control of your computer, but unlike traditional malware, it does not damage your computer, because the hackers are thinking long-term. Remember: a cryptojacker must continue to use the computer's resources over time to successfully mine cryptocurrency. (There are exceptions, however, such as Loapi, an Android malware whose mining is so aggressive that it can actually damage your device.)
JavaScript code in the browser – Often referred to as drive-by cryptomining, this method involves targeting many computers by injecting malicious JavaScript into a Web page. Any machine that browses that page can become cryptojacked. However, not all in-browser approaches to cryptocurrency mining are malicious. The idea was born as a way for web publishers, especially those in the gaming or content industry, to monetize through cryptocurrencies. Users would use the site and, in return, the site would ask to use their processing resources to mine cryptocurrency. The difference between an honest and a dishonest approach to this JavaScript code? Honest sites release your computer when you leave the site and talk openly about their approach. Dishonest sites do not release the computer afterwards and are not clear in their terms of use.
The second method of cryptojacking is rapidly gaining popularity. In 2018, browser cryptojacking increased by 31% and was found in 33,000 sites with 1 billion monthly visits.
How can you prevent cryptojacking?
Unfortunately, it is difficult to completely prevent cryptojacking, but there are some steps you can take to protect yourself. First, be very careful when clicking on links in emails, mobile phone messages, and all types of online advertising. Be sure to download only from reliable links.
Here are some additional suggestions:
- Use an ad-blocker – One of the most popular places to inject cryptojacking scripts is through web ads. An ad blocker, like Adblock Plus, can be an effective way to detect cryptojacking scripts. You can also block specific domains such as CoinHive, a cryptocurrency mining service that has been abused by malicious parties for cryptojacking.
- Use a plugin like No Coin or MinerBlock – There are some Chrome extensions specifically developed to prevent cryptocurrency mining in your web browser. Both No Coin and MinerBlock are free and open-source.
- Install an anti-malware solution – Anti-malware solutions offer protection to the whole computer, not just the browser. Malwarebytes is a reliable anti-malware solution, although there are many others.
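The domain blocking mentioned above can also be applied as a check on pages you serve or proxy. The following is an added example, not code from the original article or from any of the named tools: it flags script tags that load from a blocked host or that instantiate a miner inline. The host list, the inline marker and the sample pages are assumptions constructed for illustration.

```javascript
// Added example: flag cryptomining scripts in an HTML document.
// BLOCKED_HOSTS and INLINE_MARKERS are illustrative assumptions; a real
// deployment would load a maintained blocklist like those ad blockers ship.
const BLOCKED_HOSTS = ['coinhive.com', 'coin-hive.com'];
const INLINE_MARKERS = [/\bCoinHive\.(Anonymous|User|Token)\b/];

// True when host equals a blocked domain or is a subdomain of one.
// Suffix matching on a dot boundary avoids flagging look-alike names.
function hostIsBlocked(host) {
  const h = host.toLowerCase().replace(/\.$/, '');
  return BLOCKED_HOSTS.some((d) => h === d || h.endsWith('.' + d));
}

// Returns findings of the form { type: 'external' | 'inline', detail }.
function findMinerScripts(html, pageUrl) {
  const findings = [];
  const scriptRe = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = scriptRe.exec(html)) !== null) {
    const [, attrs, body] = m;
    const src = /\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i.exec(attrs);
    if (src) {
      const raw = src[1] ?? src[2] ?? src[3];
      let host;
      try {
        // Resolves protocol-relative (//host/x) and relative paths.
        host = new URL(raw, pageUrl).hostname;
      } catch {
        continue; // unparseable src: nothing to compare
      }
      if (hostIsBlocked(host)) findings.push({ type: 'external', detail: host });
    }
    for (const re of INLINE_MARKERS) {
      if (re.test(body)) findings.push({ type: 'inline', detail: re.source });
    }
  }
  return findings;
}

// Constructed sample pages (not captured traffic).
const CLEAN_PAGE = '<html><script src="/static/app.js"></script></html>';
const INJECTED_PAGE = `<html><head>
<script src="//CoinHive.com/lib/coinhive.min.js"></script>
<script>var miner = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER');</script>
</head><body>news</body></html>`;
```

Running `findMinerScripts` over the responses you receive for your own pages from outside your network also catches scripts added in transit, not only those present in the site's source.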
On a larger scale, organizations should ensure that their routers, IoT devices and firmware are fully up to date and that they run the latest versions of their software. They should also consider strict management of user passwords and firewall rules that prevent unauthorized remote management through Windows Management Instrumentation (WMI). It could also be useful to educate employees throughout the organization on the signs of cryptojacking that they should watch for regularly.
What to look for in Cryptojacking in 2019
Cryptojackers in 2019 will have more aces up their sleeves. Most experts agree that cryptojacking is still in its early stages and the field will continue to develop. As cryptomining becomes more popular on mobile phones, it will become a big threat to users. We may even start seeing new "cryptojacking kits" sold on the Dark Web to other parties for malicious purposes. With the sharp decline in ransomware in 2018, which has fallen by 30% between 2017 and 2018 compared to the previous period, cybercriminals will thrive on cryptojacking because it is low-hanging fruit.
And because the field is relatively new, there is still room for growth. An example: attacking MikroTik routers by altering their configuration and installing Coinhive on all pages served through the router. The infection of 170,000 MikroTik routers allowed cryptojacking across a huge number of sites. Critics argue that the sudden growth of cryptojacking will continue only as long as the value of cryptocurrencies continues to grow, which it did continuously in the bull market at the end of 2017. This bull market affected the value of Monero in particular, which also happens to be the favorite currency of cybercriminals thanks to its anonymity. This currency has also attracted the attention of law enforcement, which could shape the future regulation of the industry in general and drive cybercriminals to flock to other new and unexplored frontiers.