Photo courtesy of URTech.ca
Cryptojacking, also known as cryptocurrency mining, has been one of the hottest topics in the cybersecurity world in the first half of 2018. In fact, two crypto-miner programs are on Check Point’s most wanted malware list.
Cryptojacking Defined
Cryptojacking is the practice of using JavaScript code to mine cryptocurrencies inside users’ browsers without notifying them in advance or requesting permission. JavaScript runs on just about every website you visit, making it possible for in-browser mining to occur without being installed.
While cryptojacking has been around for a couple of years, mining was previously done via special hardware rigs or custom software installed on users’ computers. This all changed last fall with Coinhive. Coinhive is the web service that allows any website owner to add a JavaScript library to their site and generate cryptocurrency by using the CPU power of site visitors, instead of the site owner’s own hardware resources. The crypto mining code simply runs in the background as victims use their computers normally. The only sign is that users may notice their computer is running slower or lags in execution.
Why is Cryptojacking on the Rise?
The reason is pretty simple, and also the main reason cybercriminals perform any of their malicious acts: to make money. While cryptojacking may not generate the kind of profit that ransomware does in the same amount of time, it’s a cheaper and safer alternative. Furthermore, cryptojacking code can go undetected for a long period of time, and once it’s discovered, it’s very hard to trace back to the source. On top of that, the victims have very little incentive to take the time and resources to trace back to the attackers since nothing was stolen or encrypted.
Organizations are Taking Notice
As recent as Monday, June 11th, organizations such as the Federal Trade Commission (FTC) and Apple are taking steps to help rid the world of cryptojacking. While these acts certainly won’t completely eliminate the act of crypto mining, it will hopefully help. Apple recently updated its review guidelines to specifically prohibit iOS and Mac apps uploaded on the company’s official App Store from utilizing users’ devices for cryptocurrency mining. The policy reads as follows:
2.4 Hardware Compatibility
“2.4.2 Design your app to use power efficiently. Apps should not rapidly drain battery, generate excessive heat, or put unnecessary strain on device resources. Apps, including any third party advertisements displayed within them, may not run unrelated background processes, such as cryptocurrency mining.”
On June 7th, the US Federal Trade Commission notified the public that they are now taking complaints from US users about cryptojacking. This is the first official signal from US authorities that cryptojacking is an illegal practice, especially done without the user’s consent.
“It’s a truly historic moment,” commented Troy Mursch, a security researcher specializing in finding cryptojacking campaigns. “It’s the first time a US government organization has mentioned the word cryptojacking… It’s good to see them finally taking issues seriously and publishing that advisory.”
How to Protect Against Cryptojacking
The FTC also provided the following guidance for dealing with in-browser cryptojacking:
- Follow tried-and-true advice for avoiding malware: use antivirus software, set software and apps to update automatically, never install software or apps you don’t trust, don’t click links without knowing where they lead, and be careful about visiting unfamiliar sites.
- Look for and close performance hogs: it can be hard to diagnose cryptojacking, but one common symptom is poor device performance. Consider closing sites or apps that slow your device or drain your battery.
- Consider playing defense: Some browser extensions and ad blockers say they help defend against cryptojacking, doing things like blocking mining code. These tools may be worth considering but always do your homework first. Read reviews and check trusted sources before installing any online tools. Remember, some websites may keep you from using their site if you have blocking software installed.
Outlook
As one cybersecurity expert said, cryptojacking is in its infancy. It’s believed that five percent of all Monero (a cryptocurrency) in circulation has been mined using cryptojacking techniques. As with all types of cybercriminal acts, once a way to a eliminate threat has been implemented, there will surely be another way to continue cryptojacking. Fortunately for general users, the only thing that’s going to happen is their devices may run slower than normal for a while.