November 20, 2020
Authors: Emily Glazier and Henry Kenyon
What is Cryptojacking?
Cryptojacking is an online threat where someone can penetrate through a system’s firewall and run strategic mathematical code in the background. The user who is getting “jacked” does not know that there is an intruder within the system. Once the processes are complete, the information is then sent back to the intruder. There isn’t a trace left behind of the attacker’s presence on the system. This strategy of online attacking started in September of 2017 when Bitcoin was at its height. The attacks primarily come in three different forms. There are files, browsers, and cloud-based.
How Does it Happen?
The intruder can locate a system that is vulnerable and easy to access. They’re able to gain access to the system over the LAN/WAN connection. LAN stands for Local Area Network: consisting of one server and other devices that are communicating with that one server. WAN stands for Wide Area Network. Some multiple servers and devices cross-communicate between different servers. Once they’re inside the system, they can run their commands. This can primarily happen when someone clicks a link or when JavaScript is embedded in a website that causes an internal application within the system to launch which will then initiate the processes. JavaScript is a programming language that is commonly used in applications that you use on a day-to-day basis, but it can also be embedded in certain websites for malicious purposes. This makes it so that if you are visiting a vulnerable website, attackers can easily gain access to your system due to vulnerabilities in JavaScript.
The Comparison Between Cryptojacking and Ransomware Attacks Over Time
Though many people are familiar with ransomware attacks, it is evident with research that many people are being left in the dark, and have no knowledge of cryptojacking. The graph below shows the relationship between Cryptojacking vs. Ransomware Attacks in 2018. It shows a significant increase (positive correlation) in Cryptojacking crimes, peaking in December. This data is from IBM. International Business Machines Corporation (IBM) is a multinational computer technology and IT support corporation that develops computers and hardware that people can purchase. As shown in the graph, in the first Quarter of 2018 there was a 45% decrease in the number of ransomware attacks and that is because cryptojacking can get someone more money, it is faster, and they’re able to leave no traces of their presence on the system.
Signs of Possible Intrusion
There are several signs of being cryptojacked, which include:
- A significant decrease in the system speed performance
- Windows opening on its own
- CMD window opening on its own
- Increased electricity bill
- Devices overheating
- Increased use of cooling fan
How to Protect Yourself
There are several methods to protect your devices from falling victim to cryptojacking.
- Blocking JavaScript can prevent you from using other functions
- Installing NoCoin extensions, that block crypto jacking in browsers such as Chrome and Firefox
- Installing Malwarebytes, which blocks crypto jacking on Windows, Mac, and Chromebook
- Scanning for malware on your device using anti-virus software