What is Cryptojacking and How to Stop an Attack

Growing interest in cryptocurrency and blockchain technology has widespread implications that go beyond the potential use of digital money and how it’s mined. Unfortunately, hackers have expanded into illicit cryptomining through a new type of attack called “cryptojacking” malware.
In this article, we’ll explore exactly what cryptojacking is, including how hackers find ways to co-opt your hardware, how you can detect cryptojacking, and how to resolve any issues you may experience.

What is cryptojacking?

Cryptojacking (sometimes written as “crypto jacking”) is an emerging online threat that uses malicious code to trick your computer into mining digital currencies for someone else. According to Interpol, cryptojacking covers any activity that “secretly uses a victim’s computing power to generate cryptocurrency.”
In other words, these web jackers don’t use their own resources to build their digital wallet; they use yours, which saves them money on the hardware investment and energy commitment (no big electricity bills to worry about!). They target a number of personal computers – like yours – to build a distributed network, rather than build a large-scale cryptomining enterprise, which requires a lot of space, hardware, power, and supervision.

How does cryptojacking work?

Threat actors have a variety of ways to access your device and secretly install malicious cryptomining scripts.
The most common methods are very similar to other forms of malware, which sneak into your PC through online interactions, especially through web browsers and email clients. Simply clicking a bad link in a scam email or on an unfamiliar website is enough to let a cryptojacking script into your system.
There are also different types of cryptojacking, which have two primary methods of infecting your device. The first involves traditional malware and malicious link scams, and the second uses an open web page to co-opt resources while you’re on the site. The latter is often more challenging to identify and stop.

Why are cryptojacking attacks so common?

Cryptojacking attacks are common because they are a safe method for hackers to gain access to your resources. They also have big profit potential compared to the risk. As opposed to typical malware that steals your information for a direct attack on your data and accounts, cryptomining malware uses your PC’s resources to mine for digital money.
Victims are often unaware of the infection, and the scripts are difficult to track, which makes an attack hard to trace. That means it’s primarily up to victims to manage the threat independently. Let’s look at some of the clues you can use to identify a cryptojacking attack on your system.

How to tell if your device is infected

Since cryptojacking depends on your hardware to mine new currency, it is easiest to detect through physical indicators on your device. Two crucial signals are energy usage and overall usage, but here’s what else you should take seriously.

1. Reduced performance during normal use

Using computers to mine cryptocurrencies requires a lot of energy and processor power. CPU usage is heavy, which means your computer will struggle to mine cryptocurrency effectively if it’s performing other tasks. That’s why legal mining often depends on dedicated hardware, rather than a PC you use daily for work or play.
You must watch out for reduced and erratic performance, especially when using less resource-intensive software. Simply checking your email or scrolling through a spreadsheet is not enough to cause most personal computers to struggle, so if you do experience serious slowdown, you may want to investigate further.

2. Overheating and excessive cooling activity

Heat regulation is a much bigger challenge for infected devices. In addition to running slowly, your device may actually become hot to the touch, especially at ventilation points and areas near critical components. If your computer is older or you have your own cooling solution set up, you may notice excessive fan noise or system activity.
This will have many short-term consequences, including damage to internal hardware and erratic behaviour (errors, slowdowns, etc.). It leads to further wear on components, which is often a root cause of reduced performance over time. Cryptojacked or not, overheating on your device is a sign that something is wrong, so it’s important to find out why it’s happening sooner rather than let it continue.

3. Decreased battery life and charging capabilities

By splitting your resources with a cryptojacking script, your computer places a bigger strain on its energy sources.
If your computer is plugged into an outlet, this means you’ll spend more on electricity. And if you’re using a laptop or notebook, this means the battery won’t last as long away from a power source. If you’re using a brand-new device and its battery is losing its charge much sooner than it should, it may be compromised.
You may also notice a delay when you try to recharge the battery. Since some cryptojacking code can hide itself by operating when you aren’t using your computer, it doesn’t matter whether you’re active or not. Malicious cryptomining can take place even when you’re not logged in.

4. Signs of activity outside of regular use

Cryptojackers, and their cryptomining malware, are becoming increasingly sophisticated. One of the more recent and difficult-to-detect varieties involves hiding malicious activity when you’re actually using your device. The script may only activate when you close all your tabs and apps, or it may be programmed to stay below a certain percentage of CPU usage.
This makes it all the more difficult to tell if you’re the victim of a cryptojacking script, because there are fewer visible opportunities to detect an intrusion. However, if your computer is already warm before using it or after a short break, you may be dealing with cryptojacking or another type of malware.
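The idle-only and capped-CPU behaviour described above can be looked for in logged CPU readings. The following is an added example, not part of the original article: the sample readings are constructed, and the function names and thresholds are assumptions chosen for illustration.

```python
from statistics import mean, pstdev

# Constructed sample: (minute, cpu_percent, user_active), one reading per minute.
SAMPLES = (
    [(m, c, True) for m, c in enumerate([12, 35, 8, 60, 15, 22])]          # normal use
    + [(m, c, False) for m, c in enumerate([78, 81, 80, 79, 82, 80], 6)]   # idle, CPU busy
    + [(m, c, True) for m, c in enumerate([41, 40, 42, 41, 40, 41], 12)]   # in use, flat load
)


def _merge(findings):
    """Join overlapping windows that were flagged for the same reason."""
    merged = []
    for start, end, reason in findings:
        if merged and merged[-1][2] == reason and start <= merged[-1][1]:
            merged[-1] = (merged[-1][0], end, reason)
        else:
            merged.append((start, end, reason))
    return merged


def find_suspicious_windows(samples, window=6, idle_cpu_limit=25.0,
                            plateau_min=30.0, plateau_spread=3.0):
    """Slide a window over the readings and flag two patterns:
    - CPU never drops below idle_cpu_limit while nobody is using the device
    - CPU sits on a flat plateau (low spread), as a throttled miner would
    Thresholds are illustrative assumptions, not vendor guidance.
    """
    findings = []
    for i in range(len(samples) - window + 1):
        chunk = samples[i:i + window]
        cpu = [c for _, c, _ in chunk]
        user_idle = not any(active for _, _, active in chunk)
        start, end = chunk[0][0], chunk[-1][0]
        if user_idle and min(cpu) > idle_cpu_limit:
            findings.append((start, end, "sustained load while idle"))
        elif mean(cpu) >= plateau_min and pstdev(cpu) <= plateau_spread:
            findings.append((start, end, "flat capped load"))
    return _merge(findings)


if __name__ == "__main__":
    for start, end, reason in find_suspicious_windows(SAMPLES):
        print(f"minutes {start}-{end}: {reason}")
```

A flagged window is a prompt to check which process owns the load, since legitimate long-running jobs such as backups or video encoding can produce the same pattern.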

How to stop cryptojacking

The best way to shield your device against cryptojackers, or any type of malware, is proper oversight. What that entails depends on your typical usage, but there are several good rules of thumb that any user should follow.
If you need to protect additional devices at home or at work, consider talking to everyone else involved about the threat. You should also seek assistance from your company’s IT department or enterprise services to help you prevent cryptojacking.

1. Maintain your browser

For most users, browser maintenance only requires a couple of quick notes. First, make sure your browser is up-to-date so you have basic defences against the most recent cryptojacking scripts. These updates can’t promise total protection, but they provide the most recent browser security changes.
Keep an eye on your browser extensions, too. Cryptomining malware is often packaged as apps or browser extensions that you may knowingly or unknowingly add to your system. Whether you use Microsoft Edge, Google Chrome, or another browser, be sure to research any unfamiliar apps – and promptly delete anything you didn’t download yourself.

2. Block known sources and coin jacking sites

Use your browser settings to block sites you know or suspect of using cryptojacking scripts. The roots of cryptojacking lie in software designed to passively mine cryptocurrency when a consenting visitor navigates to their website. In this scenario, cryptomining replaces pop-ups or embedded advertisements as a source of revenue.
If your browser supports blocking individual websites, you can keep a running list of no-go websites. You can typically add suspicious URLs to an index via the browser’s security or general settings. Your browser may even feature a dedicated extension for blocking.

3. Install anti-virus and malware prevention software

Installing, updating, and running a cybersecurity program on your device is the best way to minimize attacks. Some work passively, and others may require you to periodically run scans and apply new updates.
Here’s a quick rundown of 3 leading options:
  • McAfee Total Protection: McAfee has the best range of prices and coverage for the most devices. The $69.99 Ultimate plan currently supports unlimited device coverage, while the $24.99 AntiVirus Plus plan covers up to 10 devices.
  • Bitdefender: This is another popular option that users praise for its streamlined design, which means device management is easy. It’s available in a variety of plans with different add-ons, including hands-on support from Bitdefender technicians and security researchers.
  • Webroot: Webroot is available in different editions based on use, from the home to the workplace. There are 3 plans for home users, and Webroot specifically highlights cryptojacking in its onboarding material.
If you’ve used the same antivirus software for a long time, you may want to check the latest reviews and compare your options. A free or older service that was great at launch may no longer receive updates as often as you need them.

Who is most at risk from cryptojacking attacks?

The risk of cryptojacking is great for all types of users, but especially for professionals who lack the protection of a dedicated enterprise IT or security department. Gamers are also at an elevated risk, because they may mistake slower computer performance and overheating for signs of lacklustre hardware.

Summary

The threat of cryptojacking is greater than ever, but most users can protect against it with a few additions to their browsing or maintenance routine. Or you can take some of the pressure off your agenda and upgrade to more comprehensive anti-virus protection. Direct support and affordable coverage are more accessible than you may think.

About the Author

Dwight Pavlovic is a contributing writer for HP Tech Takes. Dwight is a music and technology writer based out of West Virginia.
Article reposted with permission from HP Tech Takes

