Categories: Security Tips

Beware of Cryptocurrency Mining or Cryptojacking

Cryptojacking or cryptocurrency mining involves the unauthorized use of someone else’s computer to mine cryptocurrency.

According to Avast report, cryptojackers commonly use GitHub as a host for cryptocyrrency mining software.

Comodo Cybersecurity found a malware that was mining cryptocurrency utilizing Windows PowerShell. Dubbed as “Badshell,” this malware was injecting the malware code into the existing active processes via the PowerShell commands and script.

What makes cryptojacking so dangerous is that it does not require significant technical expertise for executing it. It also seems more profitable, less expensive and less risky.

Elaborating the above statement with an example; if a cybercriminal launches a ransomware attack for 100 machines, then they might succeed in retrieving ransom from 2 or 3 victims.  However, with cryptojacking all the 100 infected machines will mine cryptocurrency.

How does cryptojacking work?

One way for hackers is to use phishing attempts to trick victims into loading cryptocurrency mining codes in their machines. The script then operates  undetected in the background.

Another method is to inject a script on a site or introduce it via ads placed on multiple websites. Once such a compromised website is visited by the victims or an infected ad has been clicked upon by the user, then the script is executed automatically on their own.

The codes are not stored on the attacked machine. They run a complex mathematical problem to send the results to a server that the hacker controls.

Some of these cryptojacking scripts have worming capabilities to infect other devices and servers on the same network. Cryptocurrency mining codes might also include multiple versions for different network architectures to spread across a network swiftly.

Cryptojacking codes do not retrieve victim’s data but steal CPU processing resources.

How to detect cryptojacking?

  • Help desks should be trained to look for overheating systems, slower systems, and other recurrent problems in the systems.
  • Deploy a network monitoring solution.
  • Stay up-to-date with the latest trends of cryptojacking.
  • Ultimately, monitor the company websites for cryptocurrency mining codes.

How to prevent cryptojacking?

The below-given steps can be implemented to minimize the the risk of falling prey to cryptocurrency mining or cryptojacking:

  • Conduct security awareness training in your organization informing employees about cryptocurrency mining threats and phishing techniques.
  • Install an effective antivirus program with endpoint detection capability.
  • Install an effective ad-blocker.
  • Install an anti-cryptocurrency mining extension on web browsers.
  • Update the web filtering tools frequently.
  • Update the browser extensions regularly to prevent them from being infected.
  • Use a mobile device management solution to regulate the devices better by managing apps and extensions on the device.

Adrian

View Comments

Recent Posts

Block Spotify Ads: Is it Worth and Legal? Useful Tips

As a Spotify Free user, you might feel like you want to block Spotify ads. This could be because they…

12 months ago

Hacked Spotify Account? Tips to Regain Access

As it is one of the most popular digital music, podcast, and video services, a hacked Spotify account may be…

12 months ago

Learn about Cracking. Essential Security Tips to Keep It Away

You may, or may not have heard about cracking. Either way, you should be aware of this threat, and learn…

1 year ago

What Is Victim Fraud Shame? Useful Tips to Fight Against It

Victim fraud shame is a very dangerous thing that may happen to those who become online victims. Some of them…

1 year ago

Five Steps to Stay Safe Online. Essential Security Tips

We assume that everybody wants to stay safe online. For this, some simple, still very important rules should be followed.…

1 year ago

How to Report Cybercrime? Become a Security Hero

Have you ever thought about how you could report Cybercrime? Maybe you or one of your friends became the victim…

1 year ago