Early 2018 saw the explosion of a new malware trend that as of today has become one of the biggest security threats on the web: cryptojacking or illicit cryptocurrency mining, a type of malicious code that can hijack your device’s processing power to mine cryptocurrencies without your permission and without your knowledge.
It’s a problem that looks set to only get worse, especially given the new golden age of cryptocurrencies like Bitcoin. In fact, for companies like Microsoft itself, cryptojacking represents the biggest current threat in cybersecurity, even more worrying than ransomware attacks, with mechanisms of action that are increasingly complex and difficult to detect.
What is cryptojacking
Cryptojacking, illicit or malicious cryptomining, is a type of cyber attack that basically steals your computer’s processing power to mine cryptocurrencies. You can fall victim to cryptojacking in multiple ways, either by installing a program infected with the malicious code, or even by simply visiting an infected website.
One famous case you may have heard of was The Pirate Bay and how the torrent site was using the CPU of all users visiting the site to cryptominate without anyone’s consent. But it was not the only one and this kind of problems are becoming more and more common.
You can find cryptominers in malicious extensions, or mobile applications, even in WiFi networks, so it is important to be more vigilant than ever against this type of threat.
Cryptominers can take over your browser, they can compromise all kinds of devices, from your PC to your mobile, and even network servers. Some cryptojacking scripts can act like a worm, allowing them to infect other devices and servers on the same network.
One of the main goals of cryptojacking is to take full advantage of the victim’s device resources without the victim noticing, however, since these types of malware are always looking to squeeze all the processing power out of the hardware they infect, in order to mine more cryptocurrencies, the device is going to show symptoms:
Your device’s performance is going to decline substantially: things like a slow, extremely slow computer, overheating, increased fan activity, or even battery “bloat” on Android mobiles, and computers shutting down on their own because the CPU temperature rises too high.
If you use Task Manager in Windows or Resource Monitor in macOS you can detect processes that are constantly using 100% of your CPU, something that is not normal in the vast majority of cases, especially if it is the browser and you are not really running demanding tasks.
Protecting yourself from cryptojacking is not as simple as protecting yourself from other malware attacks. While you can (and should) take into account the most common prevention measures such as using some kind of antivirus solution on your computer, not installing software from unofficial sites, being careful with the extensions you add to your browser, and the links you open, sometimes a legitimate website can be compromised and infect you without you suspecting anything.
Some additional options to prevent becoming a victim of cryptojacking include installing extensions such as Minerblock that block all types of cryptominers on the web. However, browsers such as Opera and Firefox already include their own built-in tools to block cryptomining.
In addition to this, some ad blockers such as Adblock Plus and uBlock Origin include specific lists to block mining. Whichever options you use, it is recommended that you also monitor your computer’s resource consumption from time to time, especially when you notice changes in performance, sluggishness, or those fans suddenly start making a lot of noise.