You’ve probably heard of cryptojacking by now, otherwise known as illicit cryptocurrency mining. But oftentimes, we think that cybercrime affects large companies or that hackers only target important or affluent people. But here’s the thing about cryptojacking: it doesn’t discriminate on social or economic grounds.
Here’s a scary fact for you: 60 percent of small firms that suffer an attack go out of business within six months. And here’s an even scarier one: one in three small business owners have no safeguard in place to prevent a cyber attack. So for those of you surfing the net without taking proper precautions, it’s about time you did.
According to a study by Switchfast Technologies, small companies are actually a higher target for hackers. In contrast to common misconceptions, as long as they can make money, any company–or individual–is ripe for the taking. The absence of dedicated security personnel makes it easier for hackers to infect devices with malware, phishing, ransomware, or crypto mining botnets.
The Unstoppable Rise of Cryptojacking
A few things you should know about cryptojacking:
- In 2018, cryptojacking became the largest cyber threat, knocking Ransomware off the top spot.
- Already, according to some sources, one-quarter of all companies have been victims of cryptojacking.
- In Q4 of last year, cryptojacking incidents skyrocketed by 8,500 percent.
Those are some pretty eye-watering statistics. In fact, earlier this year, we reported that cryptojacking was becoming an epidemic. But despite a temporary downturn in illicit cryptocurrency mining from March to July of 2018, cryptojacking looks to be gathering momentum fast.
According to a report by Kaspersky Lab, Ransomware attacks are on the decline because they aren’t sustainable. Cryptojacking is becoming so popular because it can go on for long periods of time without the victims even knowing.
Moreover, cryptojacking can take place on multiple devices, not just on your laptop or desktop. Think servers, mobile phones, and even IoT devices.
Currently, mobile mining isn’t profitable enough for an individual to do. But deploying thousands of mining botnets to mine on multiple devices over a long period of time is. According to Kaspersky, countries that are particularly at risk when mobile mining takes off are India and China, as they own approximately one-third of all mobile phones in the world. Remember, cryptojacking is indiscriminate.
Taking a Little from a Lot
Unlike a money heist or a one-off, high payout Ransomware attack, cryptojacking takes a little CPU from a lot of people. You may even argue that it’s a low-priority cyber threat since the perpetrators aren’t after your money or data. However, they are making a lot of money–and it’s costing its victims their electricity.
So, think huge power bills, batteries that drain quickly, computers overheating, and a bunch of small business servers mining Monero rather than working at full capacity. In fact, Monero is the most illegally mined cryptocurrency with around 5 percent of all Monero mined illicitly.
Even more important is that the vector for the malware is the same. If your network is vulnerable to cryptojacking, something more serious could easily breach your system, potentially putting you out of business.
In most cases, cybercriminals develop cryptojacking software in such a way that it only uses a small amount of CPU, such as with The Smominru Miner. Over a period of roughly six months, the giant botnet cryptojacked multiple devices and mined over $3 million of Monero.
However, in other cases, criminals foolishly ramp the CPU up so high that they damage the devices or alert the network, such as with the Siacoin Internet Cafe hack.
How Do You Get Cryptojacked?
There’s more than one way to become a victim of cryptojacking and it isn’t necessarily by unwittingly downloading a malicious code. Through in-browser cryptocurrency mining, your device could be mining cryptocurrency just by visiting an infected website. In March of this year, almost 50,000 websites were found to be infected with malicious mining code; among them the UK government’s official site!
The majority of these websites are infected without the site owner knowing. However, in some cases, website owners are using in-browser cryptojacking as an alternative revenue stream to advertising.
Tipeeestream, for example, a site that allows for tipping of live streaming content, allows users to activate in-browser cryptocurrency mining as a means of supporting the content creators if they wish.
The Pirate Bay, on the other hand, sparked controversy and disagreement from its users when they embedded mining botnets in their website to experiment over its profitability. Users noticed that their devices became overheated after leaving their browsers open for a while.
In the case of The Pirate Bay, cryptojacking only occurred when the adblocker was switched off. Using an adblocker or a plugin like NoCoin for your Chrome or Firefox browser can help to protect your device. Although, according to research by RWTH Aachen University in Germany, NoCoin isn’t really up to the task. In fact, as much as 82 percent of infected sites still go undetected.
Coinhive is by far the most popular vector for in-browser cryptocurrency mining, with some 75 percent of infected sites using it. And RWTH research revealed that Coinhive currently mines slightly more than 1 percent of all Monero blocks (approximately $250,000 per month).
Despite these stats, there’s relatively little to worry about with in-browser mining. Simply close your browser and the mining will stop. Downloading malware to your device is more problematic.
Downloading Mining Botnet Malware
If you download cryptocurrency mining malware to your device, you’ll need to remove it as soon as possible. Just like in-browser mining, using an adblocker, antivirus, or plug-in can help but are not always effective.
You can download cryptojacking software in many ways – clicking on a phishing email, a malicious advert, or using a free content management system (CMS) like WordPress.
Research from RiskIQ found that one of the largest vectors for mining malware is a CMS. There are over 13,000 WordPress plugins among Alexa’s most popular sites. Of those, around 3,400 flagged up critical vulnerabilities that could allow mining botnets in.
Video games can also be a problem, with popular digital game marketplace Steam pulling a game after it was accused of being a “cryptocurrency mining scam.”
Victim of Cryptojacking? Here’s What You Should Do
If you find your device running poorly, your fan kicking into overdrive, or your battery lasting way less time than usual, you may be under attack. And you should probably get your device checked out before your power bill confirms your suspicions.
If you are a victim, take heart, crypto mining malware is easy to remove. It’s also only after one thing: your CPU. So, you don’t have to worry about your data or confidential information.
Companies that find themselves cryptojacked, however, should look upon it as a serious wakeup call. And–if they’re like one-third of all small businesses with no cybersecurity plan in place–should quickly devise one before a more malicious actor comes in and puts them out of business.
published by Alberto J. Matus