The beginning of the year 2018 has brought a constantly growing threat in the field of cyber security which impacts a huge amount of Internet users. Either societies with a large infrastructure or a teenager with a notebook. Despite the fact that it is not anything new, the growth of cases and new methods of implementation deserve a due attention. Let’s introduce cryptojacking.
From ransomware to cryptojacking
A term ransomware has been recently used not only in the cyber security community but it has also resonated among common Internet users as well as in the media. Ransomware was and is a major threat that entails the risk of loss of sensitive data, its disclosure and service denial, and in many cases it is an irreversible process and the system recovery is both technically and financially a very complex process. Ransomware threatens private companies, state bodies but also anyone who uses the Internet. From such definition it appears that nothing worse can exist. It will be worse – let’s not forget that the Internet is a space of unlimited possibilities.
Cryptocurrencies are a boom spreading across the Internet user spectrum, and it is not any more a privilege of geeks who used this method for “fighting” against the classically used and valid means of payment. After the cryptocurrency bitcoin became popular, its value began to rise rapidly which allowed the users, who did not quite understand the nature of bitcoin and the technology of blockchain, to make money through purchase and sale of this cryptocurrency, which resulted in so-called cryptofarms for mining the cryptocurrencies. Cryptocurrencies were established in a system of accepted and traded commodities, albeit in a virtual form.
Cryptomining on own computers or servers was actually simple at the beginning. In the course of time and due to increase of users who were mining particular cryptocurrencies, the mining became more difficult. This fact goes hand in hand with increased demands on technology and financing of mining. It simply means that more difficult mining requires better technology. It also covers the electricity consumption which must be paid by “a miner”. Technical component wear is not so noticeable, but for example if mining requires the use of graphics cards, they become inapplicable after one year of continuous operation. And exactly these parameters reflect the price of cryptocurrencies though the majority of people does not admit this fact. Although their value is attractive, an initial investment in own mining equipment is high. How to solve this problem? Let’s mine cryptocurrencies on somebody else’s computers! Does it seem to you as complicated, impossible, and even sci-fi? Do you imagine a hacker sitting in his dark room and programming a difficult code? You are wrong. It is much easier than any software installation.
Cryptojacking – a hidden threat
You visit your favourite webpage, read articles, contributions or have discussions. The fact that your computer is slowed down, other webpages are loading cumbersomely or the CPU fan speed spontaneously increases, you do not even notice. If by chance you do notice, you may attribute it to slow Internet connection or slowed down computer. You would not consider checking the source code of the webpage, or noticing that slow browsing or higher computer performance is present only on one (or several) webpage. And exactly this is the basic principle of cryptojacking.
In fact it is a simple malicious code with which the attacker does not infect the victim’s computer itself but the webpage visited by a victim. More visits, better mining. Such a code can get on the webpage via different ways. Either it is an intentional implementation of the webpage provider who wants to make money this way. In this case, however, it is appropriate to keep the users informed about such an intent. If the site owner fails to do so, he is exposed to the risk of loss of visitors or accusations that will not be unjustified. A worse case is, nevertheless the situation when the webpage is attacked and the attacker will use the system vulnerability or other attack vector for the page infection. Neither the webpage owner nor the users have to know whatsoever that such a code can be found on the webpage. The attacker is cheerfully mining the cryptocurrency, the webpage provider gets an increasing number of complaints about slowing down the webpage and the users are angry.
Why is then cryptojacking dangerous? You think that having a slowed down computer or Internet is just a trifle. You are irritated because the webpage is loading very slowly, the owner is angry because the users complain. Don’t you see anything dangerous? There are two arguments why cryptojacking is a big threat.
Primarily, it is evident from the above that the malicious code of cryptojacking uses your computer for mining the cryptocurrency. It affects also your electricity and lifespan of your components which are getting worn down. So the attacker robs you and not a webpage on which the malicious code is present. You have to pay for increased performance of the computer as well as for components getting worn down. Buying a new computer or paying back payments for electricity is not an unpleasant issue to be waved aside.
Secondarily, a security flaw or vulnerability in the system on which the webpage is built does not just mean possible infection of the webpage by a code for mining the cryptocurrency. Through such a security hole another much more dangerous malicious code can be installed which may be spread unnoticeably among the visitors of the webpage. The loss of sensitive data, theft of your passwords, identity theft or misuse of your credit cards demand attention. It does not have to be merely cryptojacking. Therefore, it is important to be vigilant.
Awareness as an effective protection
In this case it is appropriate to say that even though cryptojacking looks threatening, it is possible to be protected against it. There are a few simple steps which are not technically demanding and can protect you from the misuse of your computer:
- Pay attention. If you feel that something is wrong with the webpage you visit, it is slower than usual or your computer has started to behave in a non-standard way, for example the CPU activity has increased unexpectedly, it is presumable that there is a malicious code on the webpage. The best thing you can do is to contact the provider or the site owner and report the problem. A fair provider will listen to you and implement effective countermeasures. If you do not meet with understanding, contact us. However, you can do so immediately – if you are aware that there is a malicious code on the webpage which you are visiting or you visited in the past, please report to us.
- Use special tools. Most of the Internet browsers offer extensions which can block the malicious code for cryptocurrency mining on webpages. For example, look at the extensions MinerBlock or No Coin. However, do not rely solely on the browser extensions. Attackers are constantly developing methods how to circumvent such extensions.
- Protect yourself in a number of ways. Use updated antivirus software because most of these programmes can detect webpages with the malicious code. A correct setting of firewall rules in your computer or network device can be also helpful.
- Make backups. If your computer contains data that are important for you, back up your data to external media, NAS server or other system which is sufficiently secured. This will prevent you from losing your data when the computer is infected.
- Follow the current cyber security trends. Behaving safely on the Internet is more than half of the success. Tips and tricks can be found in our special section.
What to add in conclusion? In a modern information society people are constantly trying to simplify their lives and find forms of income which shall simply make the highest possible profit in a short period of time. Many times it is at the expense of others, like unsuspecting Internet users in case of cryptojacking. However, by following simple steps you can be protected against the misuse of your computer and your data.
« Späť na zoznam