With the rapid rise of cryptocurrency, comes the rapid rise of cryptojacking – a form of cybercrime which entails an unauthorized use of the processing power of a person’s computer, tablet, mobile phone, or other device, to mine for cryptocurrency on behalf of the hacker. Essentially, cryptojacking allows hackers to make free money by gaining access to someone else’s device with just a few lines of code.
The reason why cryptojacking is attractive to hackers is because mining for cryptocurrency is an expensive process that requires a lot of resources, such as costly computer equipment and extensive use of electricity, which brings about higher bills. In addition to that, the more machines hackers get access to, the faster they mine and create coins.
There are two types of cryptomining attacks:
- Cryptojacking: mining via compromised websites
- Malware-based cryptomining: mining via a malware on a device
How does cryptojacking work?
Cryptojacking occurs when a person’s browser is used to mine cryptocurrencies without their consent. Since hackers don’t have to use malware, browser-based attacks are much easier compared to other forms of cryptomining. By infecting a single web server, hackers can subject all visitors of the websites hosted on that server to cryptojacking.
Here’s how cryptojacking happens:
- The hacker compromises a website with a cryptomining script, which can be included in the website, a third party ad loaded by the website, an extension or browser plugin, as well as a pop-up window
- The user visits a compromised website, and the cryptomining script starts working
- The user, thus, starts unknowingly mining cryptocurrency for the hacker
- The hacker receives cryptocurrency
What happens to the device used for cryptojacking?
While the cryptojacking script is running, the user will notice a very high graphics card and/or CPU usage level. The device will start overheating and running slower than usual, and the battery levels will drain faster.
How to know if your device is being used for cryptojacking?
Check the Windows Task Manager on a Windows device and/or the Macintosh Activity Monitor on an Apple device, and review if there’s a substantial increase in CPU usage.
How to defend yourself against cryptojacking?
Fortunately, cryptojacking can be managed fairly easily. Here are some tips on how to protect yourself from this cryptomining form of cybercrime:
- Use an ad-blocker
- Only use browser extensions and plugins that are distributed by a trusted app store such as Google Play. In addition, check your browser extensions regularly, and remove/disable the ones that you don’t use
- If you notice that your device is heating up, restart the web browser
One final point that’s worth knowing is that cryptojacking scripts don’t usually go after your personal data. Their sole purpose is to seal your CPU resources and mine for cryptocurrency.