Cryptojacking: What It Is and How to Prevent It

CryptojackingCryptojacking is on the rise,
don't become a victim

Cryptojacking is the newest form of cyber attacks. This article will take a look at why hackers are using this new form of attack, how to prevent it, and what to do if your company has been attacked by cryptojacking malware.

Cryptojacking, the act of using someone else's computer without their knowledge or consent to mine cryptocurrencies, is one of the newest forms of cyber attacks that security experts are able to identify. While it can be incredibly difficult to identify, if companies are able to catch it early on, they can save themselves loads of money in the long run.


To pull this new attack off, hackers are using a few different approaches:

1. Sending spam emails with malicious links that load crypto mining code onto the victim's computer, or
2. Injecting JavaScript code into websites or online ads that auto-executes once the victim loads them.

Once infected, the mining code works quietly in the background, ensuring that the victim doesn't detect its presence as they go about their day. These hackers are smart, so they ensure that the impact is low enough to the point that users rarely notice that they've been infected.

 

2018 saw an astronomical jump in coin miner malware over the last three months of 2017, from 400,000 to 3.9 million pieces of detected malware. (Source: McAfee)

 

Why Cryptojacking is Becoming Popular with Hackers

Hackers have started preferring this new less-risky method over ransomware because:

  • It's anonymous. It's nearly impossible to connect to code to anyone, especially if the hackers use anonymous cryptocurrencies like Monero and Zcash.
  • It's less noticeable. For individual users, the effects of cryptojacking more of an annoyance than anything else. Cryptojacking isn't stealing anything beyond CPU resources or locking them out of their machines, so even if the code is detected, victims have very little incentive to try to track down the hacker.
  • It's more profitable. With ransomware, hackers might be able to squeeze three out of 100 people into paying, but with cryptojacking, all 100 of these machines will grind away for them, mining cryptocurrencies.
  • It's cheap and easy to implement. You don't need to a super-experienced hacker to pull off something like this; if you know how to get on the dark web, you can buy a cryptojacking kit for about $30.

While cryptojacking isn't that big of a deal to individual users, it can result in devastating costs for enterprises. Not only can it lead to smaller performance issues that add up over time, but your help desk and IT staff can waste loads of hours trying to figure out why users are having performance issues. Since cryptojacking code is so hard to detect, your IT departments may even replace individual components or even entire systems trying to solve the problem.

New attack vector: cryptojacking

For years, ransom-based cybersecurity attacks and ransomware have been the bread and butter of hackers, but recently Radware has reported a rise in hackers adopting new attack vector: cryptojacking. (Source: Radware)

How to Prevent Cryptojacking

There are things you and your organization can do to minimize the risk of becoming a cryptojacking victim.

Education/Training

When you're planning your company's security awareness training program, address cryptojacking and make sure you focus on the phishing-style attacks that hackers use to load malicious code onto devices.

Also, make sure your help desk is aware of the signs of cryptojacking so that they can be on the lookout for a spike in slow performance complaints.

"Training will help protect you when technical solutions might fail," says Marc Laliberte, threat analyst at network security solutions provider WatchGuard Technologies.

Do you know that...?

Master Internet's next-gen hardware firewall, FortiGate, protects their customers against many kinds of attacks, including those that cryptojacking hackers use. Thanks to FortiGate's sophisticated email filters, Master Internet customers can rest easy knowing their systems are in good hands.

More about firewall

Browser Extensions

Since hackers like to use ads to deliver their scripts, install an ad-blocker and anti-cryptomining extensions (like [No Coin](LINK) or [MinerBlock](LINK)) to the browsers that your employees use. 

Also, keep an eye on the other extensions people in your company are using. Some hackers are hijacking legitimate extensions (or even developing their own) to execute their code.

Web Filtering

Make sure you're constantly updating your web filtering tools. If you detect that a page tried to load malicious code, don't allow your users to reaccess it.

You were attacked, what now?

If you've already fallen victim to an attack, there are a few things you can do.

Kill the tab and blacklist the site. Thankfully, once you've detected an in-browser JavaScript attack, it's pretty easy to solve. All you have to do is kill the browser tab and make a note of the website so that IT can add it to their company-wide web filter.

Check browser extensions. If the culprit is a browser extension, closing tabs won't help. Make sure all the extensions on the infected machine are updated, and if the problem still exists, remove all unnecessary extensions.

Invest in anti-crypto mining tool solutions to ensure that the hacker can't get back into your system.

The right place for your data

OUR DATA CENTERS ARE LOCATED IN PRAGUE AND BRNO