Blog
Rajiv Singha

Cryptojacking is when someone illegally uses your PC to make digital money + 8 facts

June 20, 2018
  • 27
    Shares
0
Estimated reading time: 4 minutes

What attracts more than a magnet? You might have guessed it right – it is money! And where there is easy money, there is a lot of hustle and bustle. Till now, ransomware was seen as the ultimate cash cow for attackers – kidnap critical data and ask a ransom in exchange. But, now, there is even a bigger cash cow than ransomware. It is called cryptojacking – using someone else’s computer to generate digital cash called cryptocurrency. While a ransomware gets detected after a time and is short-lived, cryptojacking can run almost undetected on users’ systems minting money for attackers for as long as they want. Due to its ease of deployment and an instant return of investments, cryptojacking has replaced ransomware as the number one threat for consumers and enterprises. And to help you understand this new digital threat better, we have listed out these FAQs.

 1. What is cryptojacking?

A cryptocurrency is a form of virtual or digital money that uses cryptography for security. To generate (mine) this currency, a computer’s processing power is required. Cryptojacking (or cryptocurrency hijacking or cryptocurrency mining malware) is the secret use of your computer’s CPU power to generate cryptocurrency without your consent or knowledge. In simpler terms, when your computer is secretly used to generate digital cash, it is called cryptojacking.

2. What are some popular cryptocurrencies?

1) Bitcoin

2) Litecoin (LTC) Litecoin

2) Ethereum (ETH)

3) Zcash (ZEC)

4) Dash

5) Ripple (XRP)

6) Monero (XMR)

 3. Who can become the target of cryptojacking?

It is a common misconception that cryptojacking affects only those who handle cryptocurrencies. In fact, anyone who has a computer and uses the Internet can be targeted by attackers behind cryptojacking.

4. How can an attacker carry out cryptojacking on your computer?

An attacker can carry out cryptojacking on your computer by dropping a crypto mining code on the system without your knowledge. This can be done in the following ways:

  • The attacker can send you a phishing email that tricks you into clicking on a link or downloading an attachment. Once you do that, a crypto mining code is dropped on your computer.
  • The attacker can infect a website or pop-up ad with a crypto mining script (written in JavaScript). And if you happen to visit such a website or click on the ad, you will unknowingly trigger the crypto mining script to start running on your computer. This technique is called in-browsing cryptojacking and it’s more popular than the method described above. This is because, here, the attacker does not have to install any code; all they need to do is make you visit a certain website or click on an ad and your computer turns into a cryptocurrency mining machine.

 5. How do you know if your computer has been cryptojacked?

If your computer is being used for cryptojacking, the only sign you might notice is slower performance or lag in execution. Some crypto mining scripts can eat 100% of the targeted computer’s CPU power which can significantly lower the lifespan of the hardware itself. In most cryptojacking cases that got reported, neither the owners of the compromised website nor its users were aware that they were the victims.

 6. What type of websites are usually targeted for cryptojacking?

Attackers mostly target unprotected websites that receive massive traffic (has a lot of visitors) on a daily basis and compromise them with crypto mining codes. These websites could include government or news portals and even those that provide some kind of online service. And when individual users access these compromised websites, the crypto mining code hijacks their web browsers and begins the mining activity.

7. How can cryptojacking be harmful to your PC?

  • Cryptojacking consumes your computer’s processing power and slows down the system to an extent where you might not be able to carry out any task. This can significantly impact you if you are a working professional, tester, gamer, etc. Furthermore, if your computer is mining cryptocurrency, it will unnecessarily increase your electricity bill.
  • In some cases, cryptojacking has also been reported to crash the infected computer and even cause physical harm to Android devices by overheating their batteries.

8. Important cryptojacking facts and statistics

  • In March 2018, about 50,000 sites were secretly infected with crypto-jacking scripts.
  • Coinhive is known as the most widespread crypto-jacking script used by attackers.
  • Because of its ease of money making and less demand for technical skills, cryptojacking is becoming a popular alternative to ransomware. For instance, an attacker can make money from 5 out of 100 computers infected with a ransomware. But, with cryptojacking, all of those 100 computers can be used to make money.
  • Cryptojacking is platform-independent and can run on Windows, Mac, and Android.
  • In April 2018, over 2,000 computers at Aditya Birla Group were held hostage by hackers for cryptojacking.
  • Most cryptojacking attackers prefer mining the digital currency called Monero because it is more anonymous than Bitcoin.

9. How to protect yourself from cryptojacking?

  • Never click on links or download attachments received from unwanted, unexpected or unknown emails. If such emails have something urgent to share with you, call up or meet the sender in person and verify the information.
  • Apply all recommended software updates on your computer and keep its OS and programs such as Adobe, Java, web browsers, etc., up-to-date.
  • Use an antivirus software that detects and blocks websites and emails compromised with cryptojacking scripts.
  • Install an ad-blocker plugin (extension) on your web browser. It is also important to use the latest browser plugins and discard those that are outdated or not needed
  • 27
    Shares

Have something to add to this story? Share it in the comments.

Rajiv Singha
About Rajiv Singha
Rajiv is an IT security news junkie and a computer security blogger at Quick Heal. He is passionate about promoting cybersecurity awareness, content and digital...
Articles by Rajiv Singha »

No Comments, Be The First!

Your email address will not be published.

CAPTCHA Image