How to Recognize Cryptojacking
After 2018 saw an alarming 13 million cryptojacking incidents (4 times as many as in 2017), it’s crucial that both businesses and individuals begin protecting themselves against these attacks. But what exactly is a cryptojacking attack, and how can you recognize and prevent one?
What is Cryptojacking?
In short, cryptojacking is the malicious use of another person’s computer to mine cryptocurrency. Even if you’ve never heard the term ‘cryptocurrency’ before, you may still have heard of one of its most popular forms: bitcoin. As the name suggests, cryptocurrencies like bitcoin are digital currencies secured using cryptography. This currency is ‘mined’ by using special computer software to solve complex mathematical problems, rewarding cryptominers with a percentage of the currency for each equation their computer solves.
Cryptocurrencies are ever growing in monetary value, with the value of one bitcoin rising from less than 1 cent in 2010 to an average of around $3,779.68 in February 2019. It even reached a record high of over $19,000 in December 2017. However, mining cryptocurrency is also becoming increasingly difficult since each currency has a finite amount of ‘coins’ to be mined. These days, mining a significant amount of cryptocurrency requires expensive computer hardware and can rack up large electricity bills. In many cases, these costs make it difficult to profit from cryptocurrencies at all.
However, if you can waive these costs entirely by using someone else’s hardware and someone else’s electricity, cryptomining essentially becomes ‘free money’ for the miner. As such, it’s easy to see why hacking other people’s computers to mine crypto-coins has become more common than ever.
How Does Cryptojacking Work?
Cryptojacking works similarly to most well-known malware attacks like Trojan horses and ransomware. All hackers have to do is trick you into opening malicious code, and your computer will instantly be turned into their crypto gold mine. There are three main ways they get this code onto your computer.
- The first is to send it to you in an email. Usually, hackers will spoof an email that looks like it comes from your bank or another important company you’re not likely to ignore. The email will encourage you to click on a link, which then downloads cryptomining software onto your computer.
- The second method doesn’t even require you to download the code. It simply involves hackers injecting a cryptomining script into one or multiple websites. This script executes as soon as you visit the website, mining currency without you even realizing you’ve been infected.
- The third common method is to infect the whole server. By looking for common server exploits or servers with poor protection, hackers can easily inject cryptomining malware into incredibly powerful hardware. To give an idea of just how profitable that can be, note that this was the method hackers used to mine cryptocurrency worth almost $3.5 million in just 18 months using Jenkins servers across the world.
Many cryptomining hackers use a combination of these methods and others to maximize their profits with minimal effort.
What Damage Does Cryptojacking Cause?
Unsurprisingly, these cryptojacking methods can cause a lot of damage to their victims. In many cases, cryptomining malware only utilizes the unused CPU power of a computer, decreasing the risk of the user realizing they’re infected and removing the malware. However, it’s not uncommon for cryptojacking scripts to slow down a computer’s performance, especially when it comes to low-powered machines. Sometimes, the malware can put such intense strain on the CPU and cause so much excess heat that the computer’s hardware suffers physical damage as a result.
Of course, it’s not just individuals who suffer from cryptojacking attacks. When business computers are the target, cryptojacking often eats into productivity and profits significantly without the business owner even realizing what’s wrong. In the most severe cases, mining malware has even forced businesses into days of complete inactivity.
How to Recognize Cryptojacking
In order to protect yourself or your business from the harm brought by cryptojacking, you first need to understand how to recognize an attack. While there are many possible signs, the most common are as follows:
- Your computer is running slowly. Most computers slow down over time. However, if your computer has become unusually sluggish very suddenly, it could be a sign that you’ve recently become infected.
- Your computer is crashing often. One or two crashes aren’t necessarily a sign of malware, but a computer crashing repeatedly (particularly during gaming and other intensive activities that you can usually do without issue) is cause for concern that something else is using processing power.
- Your computer is overheating. Often, you can tell if your computer is too hot by touch. However, a more reliable option is to download a tool like Core Temp, which shows you your computer’s CPU temperatures.
- Your battery is draining rapidly. If you’re using a laptop, keep an eye on how fast your battery runs down when it’s not plugged in. If it drains noticeably faster than the manufacturer’s guideline, you could have cryptomining malware running it down.
Malware scanners are another way to detect unauthorized cryptojacking scripts running on your computer, but don’t take an ‘all clear’ result as gospel. These days, many cryptomining scripts are sophisticated enough to evade detection by typical malware scanners. Signs that a computer is working harder than usual are better indicators that something might be wrong. If you’re a business owner, don’t forget to teach your staff to look out for these symptoms so they can report them.
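For an IT team, the "working harder than usual" signal above can be checked against per-process CPU samples rather than by feel. The sketch below is an added example, not part of the original article: the sample data, process names, thresholds and one-minute sampling interval are constructed assumptions.

```python
from collections import defaultdict

# Constructed samples: (seconds since start, pid, process name, CPU %),
# as a monitoring agent might record once a minute. Not real telemetry.
SAMPLES = []
for minute in range(10):
    ts = minute * 60
    # Short burst of legitimate work (e.g. a heavy page load).
    SAMPLES.append((ts, 412, "browser", 91.0 if minute in (3, 4) else 9.0))
    # Three busy minutes, then idle.
    SAMPLES.append((ts, 530, "backup", 88.0 if minute < 3 else 2.0))
    # Hypothetical process pinned near 100% for the whole window.
    SAMPLES.append((ts, 977, "updater-svc", 96.0))


def sustained_cpu(samples, threshold=80.0, min_run=5, interval=60):
    """Return {(pid, name): seconds} for processes whose CPU stayed at or
    above `threshold` for at least `min_run` consecutive samples."""
    by_proc = defaultdict(list)
    for ts, pid, name, cpu in samples:
        by_proc[(pid, name)].append((ts, cpu))

    flagged = {}
    for key, series in by_proc.items():
        series.sort()
        longest = run = 0
        prev_ts = None
        for ts, cpu in series:
            # A gap in sampling (process exited, agent paused) breaks the run.
            contiguous = prev_ts is not None and ts - prev_ts <= interval
            if cpu >= threshold:
                run = run + 1 if contiguous else 1
            else:
                run = 0
            longest = max(longest, run)
            prev_ts = ts
        if longest >= min_run:
            flagged[key] = longest * interval
    return flagged


if __name__ == "__main__":
    for (pid, name), seconds in sustained_cpu(SAMPLES).items():
        print(f"pid {pid} ({name}): >=80% CPU for {seconds}s, investigate")
```

A flagged process is a reason to investigate, not proof of a miner; legitimate long-running jobs will trip the same check.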
Of course, the only way to know for sure that you’ve been infected by a cryptojacker is to have your computer examined by an IT professional. After all, many of these signs could point to other malware attacks or even problems unrelated to hacking. Individuals should contact a reputable repair shop upon seeing the signs of a cryptojacking attack, while business owners should instruct their staff to report to the in-house IT help desk.
How to Prevent Cryptojacking
As with any cyberattack, cryptojacking prevention is always better than a cure. Thankfully, despite cryptomining hackers becoming smarter and infecting more computers than ever before, there are many ways to protect yourself against one of these attacks.
1. Avoid downloading email malware
Since spoofed phishing emails are one of the most common ways cybercriminals inject cryptomining software onto computers, one of the best ways to prevent cryptojacking is to stay safe when opening emails. Ideally, you should never click on an email link unless you’re 100% sure you can trust it. Instead, go directly to the source the link is pointing to. For example, if the email claims to come from your bank, type your bank’s URL into your address bar instead of clicking the link in the email.
2. Install an ad-blocker or anti-cryptominer on your browser
To avoid cryptojacking scripts run directly through websites, use an ad-blocking extension with cryptomining detection capabilities. One of the best all-in-one solutions is Ad Blocker Plus. There are also dedicated anti-cryptominer extensions. Just make sure you vet them carefully, as cryptominers can also come bundled with browser extensions.
3. Use strong antivirus software
Not all antivirus software can catch cryptomining scripts, and hackers are constantly making their miners less detectable. However, using strong antivirus software never hurts and may help you avoid lower-level cryptojacking.
4. Use a VPN when browsing
Using one of the free VPN services is also a good all-round protector against security risks. VPNs encrypt all your traffic, preventing hackers from injecting malware like cryptojackers onto your system when you’re connected to public wi-fi.
Businesses should shore up their defenses by ensuring that their security awareness training covers the above pointers, especially if the company uses a bring-your-own-device policy.
Cryptojacking may not be as deadly for its victims as attacks like ransomware are, but you should still do all you can to protect yourself against it—especially because these tips will protect against other forms of malware and hacking too. Make sure you follow as much of the above advice as possible and keep up to date on cryptojacking prevention techniques, especially if you’re trying to keep a whole enterprise protected.
By Julie Cole, Cybersecurity enthusiast, WordPress guru, data-safety tools tester with over 10 yrs experience.