Cryptojacking
November 20, 2020Authors: Emily Glazier and Henry Kenyon
What is Cryptojacking?
Cryptojacking is an online threat where someone is able to penetrate through a systems firewall and run strategic mathematical code in the background. The user who is getting “jacked” does not know that there is an intruder within their system. Once the processes are complete, the information is then sent back to the intruder. There isn’t a trace left behind of the attacker’s presence on the system. This strategy of online attacking started in September of 2017 when Bitcoin was at its height. The attacks primarily come in three different forms. There are file, browser, and cloud based.
How Does it Happen?
The intruder is able to locate a system that is vulnerable and easy to access. They’re able to gain access to the system over the LAN/WAN connection. LAN stands for Local Area Network: consisting of one server and other devices that are communicating with that one server. WAN stands for Wide Area Network. There are multiple servers and devices that cross communicate between different servers. Once they’re inside the system, they are able to run their commands. This can primarily happen when someone clicks a link or when JavaScript is embedded in a website that causes an internal application within the system to launch which will then initiate the processes. JavaScript is a programming language that is commonly used applications that you use on a day-to-day basis, but it can also be embedded in certain websites for malicious purposes. This makes it so that if you are visiting a vulnerable website, attackers can easily gain access to your system due to vulnerabilities in JavaScript.
The Comparison Between Cryptojacking and Ransomware Attacks Over Time
Though many people are familiar with ransomware attacks, it is evident with research that many people are being left in the dark, and have no knowledge of cryptojacking. The graph below shows the relationship between Cryptojacking vs. Ransomware Attacks over 2018. It shows a significant increase (positive correlation) in Cryptojacking crimes, peaking in December. This data is from IBM. International Business Machines Corporation (IBM) is a multinational computer technology and IT support corporation that develops computers and hardware that people can purchase. As shown in the graph, in the first Quarter of 2018 there was a 45% decrease in the number of ransomware attacks and that is due to the fact that cryptojacking can get someone more money, it is faster, and they’re able to leave no traces of their presence on the system.
Cryptojacking vs. Ransomware Attacks in 2018
Signs of Possible Intrusion
There are several signs of being cryptojacked, which include:
A significant decrease in the systems speed performance
Windows opening on their own
CMD window opening on its own
Increased electricity bill
Devices overheating
Increased use of cooling fan
How to Protect Yourself
There are several methods to protect your devices from falling victim to cryptojacking.
Blocking JavaScript can prevent you from using other functions
Installing NoCoin extensions, that blocks cryptojacking in browsers such as Chrome and Firefox
Installing MalwareBytes, which blocks cryptojacking on Windows, Mac, and Chromebook
Scanning for malware on your device using anti-virus software
