Cryptojacking

Hi, Namaste, Hello, Hola, Kon’nichiwa 😄

Cryptocurrencies have been phenomenal. Aside from the computer science marvel that they are, they are also the creator and the destroyer of generational fortunes. And most recently, the market has gone gaga over Bitcoin touching $70000. It is all sunshine and rainbows, but like the pirates that tail the merchant ships returning from a gold rush, it has given rise to a new kind of exploitation known as cryptojacking.

According to the DLNews article, cryptojacking surged by 659% in 2023 compared to 2022, and cybercriminals netted about $1.7 billion from cryptoheists in 2023. This number can surely be expected to go up with the new rally in Bitcoin.

So, it is a pretty serious issue, especially if you are in the habit of getting high and clicking links and downloading things when your BTC portfolio starts rallying. By the way, cheers on the profits, mate. Let us explore what cryptojacking is in this article.

Normally, we start with a brief about the tech that we want to talk about and then the issue that we want to figure out. But… it’s a Sunday evening, I just need to get my mind off of some things, and cryptocurrencies are a tad bit complex. So, I will assume all of you who happen to come across this article are either geniuses or are not as dumb as me, and we will brief just for the sake of briefs.

Cryptocurrencies like Bitcoin work on a distributed database known as a blockchain that operates with the help of peer-to-peer networks. The blockchain stores information about the transactions, and these transactions are verified with the help of solutions to complex mathematical functions that require a ton of computing power to solve. These functions are solved by participants on the network called miners, who are rewarded in cryptocurrency for the blocks they mine and the effort involved in that. The miners pay for the computing resources and their maintenance in the hope of getting those rewards. That’s a very high-level view of how cryptocurrencies work. A more detailed explanation would perhaps rival the length of Rapunzel’s golden hair, so I will leave that to you to understand on your own.

Coming back to cryptojacking: as I mentioned, mining requires a significant amount of computing resources. Not everyone in this world wants to put in the effort that is required to enjoy the fruits of wealth. So, this is where cryptojackers come in. These are people who want to get the rewards associated with mining without investing in the computing resources that are required to mine cryptocurrencies. Cryptojacking is the criminal equivalent of cryptomining. For the sake of the article, we will call a cryptojacker an attacker. They normally mine cryptocurrencies like Monero (due to its privacy enhancements) or Bitcoin.

There are broadly two ways in which the attacker attempts cryptojacking. The first is to entice the victim into downloading malware for mining cryptocurrencies using phishing attacks. This method is also known as host cryptojacking. You can read more about phishing and social engineering attacks in this article. The second is to infect a website with malicious JavaScript code that executes automatically once it loads in the victim’s browser. Combine this malicious code with worm-like capabilities and it can infect other devices as well as servers on the network.

A similar phenomenon is seen on mobile devices, where the malware is distributed using mobile apps: sometimes as trojans in a downloaded app, sometimes through redirections to an infected site, and sometimes by enticing users with monetary rewards that are far less than the value of the mined cryptocurrencies.

In most cryptojacking attacks, the objective is to mine cryptocurrencies rather than to steal data. However, some attacks may also try to steal sensitive data like credentials. After all, when the fox has put in the effort to steal the chickens, why not try its hand at stealing eggs as well?

During the attack, the malicious code or scripts try to use as many resources as they can while avoiding detection. Even then, these attacks can be detrimental to a great degree. Some of the damages that occur as a direct result of cryptojacking are as follows:

  • Adverse Effects on Device Performance: Since cryptojacking attacks exploit the computing resources of a device, they directly decrease the performance of the device for the routine tasks that you do. This can cause lags and crashes that interrupt your regular workflow and hamper the functioning of your business.
  • CPU Usage: The processor usage on your device will spike and will be consistently abnormally high when a cryptojacker is at work using the processor of your device for mining cryptocurrencies.
  • Overheating of the Device: The device will heat up sooner and more often if cryptojacking malware is present on it. This is primarily because the computing resources are being utilized to their full capacity.
  • Shortened Lifespan of the Device: A computer or mobile phone affected by cryptojacking will be turned to e-waste sooner than expected. This is because the hardware components will be utilized to their full capacity and this can result in more damage to the parts. One particular component that will be very much affected is the battery. The overutilization of the resources will have a direct negative effect on the battery of a mobile or notebook computer. Sometimes, especially in a smartphone affected by a prolonged cryptojacking attack, the battery of the smartphone can also appear to be bulging, in which case, it can also result in a fire hazard and you should immediately get it replaced.

Now, since we know the damage that can be caused, we should also know some of the steps that can be taken to prevent it. Well, most of what we can do to protect ourselves from cryptojacking attacks is standard cybersecurity practice, but it can be highly effective:

  • Implement a good cybersecurity program: This mainly focuses on organization level but it is still critical. A good detection and remediation program for threats and malware, training members against social engineering attacks and regular audits of logs and generated alerts can go a long way in preventing the damage done by cryptojacking.
  • Keep an Eye on Device Usage: At an individual level, you should look out for anomalies that may occur while using your device. Device getting overheated even during regular usage? Or CPU usage spiking up even while using normal programs or websites without any significant processing requirements? Or battery draining fast with no recent overutilization? All these may be signs that a cryptojacker has attacked your device.
  • Anti Cryptojacking Browser Extensions and AdBlockers: You can install an extension that can help you detect and prevent websites that may contain the malicious code for cryptojacking.
  • Malware detection programs: You can utilize software and anti-malware programs to detect and quarantine affected components containing malware signatures using regular scans. Make sure that the software that you are using has the relevant capabilities and signature repositories for detecting such malware and alerting you on time. This means that the software should also update according to the new methods that are being continuously devised by the cryptojackers, which brings us to the next point.
  • Keep track of the latest cryptojacking trends: As a part of your cybersecurity program and the processes associated with it, make sure that your threat intel and incident response teams are also aware of the latest trends that are occurring in this sphere and the new methodologies that the attackers are trying to adopt.
  • Protection Against Phishing: Protect yourself and your organization against phishing attacks. There are several components to implementing a successful anti-phishing program, including utilizing detection software, maintaining teams to deal with alerts and reports, and training employees against phishing attacks. You can also check out this website by Google that provides a quiz for understanding and spotting phishing attempts.
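
The "Keep an Eye on Device Usage" tip above can be automated. The following Python is an added example, not part of the original article: it separates the consistently high CPU usage typical of a miner from an ordinary short spike. The process names, the 80% threshold, the five-sample window and the sample data are all constructed assumptions.

```python
from collections import defaultdict

def sustained_high_cpu(samples, threshold=80.0, min_run=5, step=60):
    """Return {process: longest run} for processes whose CPU stayed at or
    above `threshold` for at least `min_run` consecutive samples.

    samples: iterable of (epoch_seconds, process_name, cpu_percent) taken
    every `step` seconds. A low or missing sample breaks the run, so a
    short burst (a compile, a video export) is not reported.
    """
    by_proc = defaultdict(list)
    for ts, name, cpu in samples:
        by_proc[name].append((ts, cpu))

    flagged = {}
    for name, points in by_proc.items():
        points.sort()
        best = run = 0
        prev_ts = None
        for ts, cpu in points:
            if cpu >= threshold:
                contiguous = prev_ts is not None and ts - prev_ts == step
                run = run + 1 if (contiguous and run) else 1
                best = max(best, run)
            else:
                run = 0
            prev_ts = ts
        if best >= min_run:
            flagged[name] = best
    return flagged

def constructed_samples():
    """Ten one-minute samples for three hypothetical processes."""
    rows = []
    for i in range(10):
        t = i * 60
        rows.append((t, "browser", 95.0 if i in (3, 4) else 12.0))   # brief spike
        rows.append((t, "updater-helper", 97.0 if i >= 2 else 3.0))  # sustained load
        rows.append((t, "editor", 8.0))                               # idle
    return rows

if __name__ == "__main__":
    print(sustained_high_cpu(constructed_samples()))
```

A flagged process is only a lead to investigate: legitimate long-running jobs such as backups or rendering trigger the same signal.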

If you are interested in reading more about this, you can look into these articles by Kaspersky, Imperva, or TechTarget.

For now, this wraps up this article. Will keep updating this blog with more tips.

Suggestions are welcome.

Happy & Secure Development.

