How to Beat Cryptojacking – 2018’s Unexpected and Vicious Trend
Cryptojacking is on the rise, knocking ransomware off the top spot for cybercrime in 2018. Digitex recommends that you take a few steps to protect yourself.
The word ‘cryptocurrency’ created quite the spectacle towards the end of 2017. Today blockchain technology and cryptocurrencies such as Bitcoin [BTC] and Ethereum [ETH] rule the roost in the blockchain industry. But digital assets are not without their dark and ominous side, with multiple reports running helter-skelter in the cryptoverse about dangers like cryptojacking.
If the term ‘cryptojacking’ can strike fear in the hearts of so many users and technology enthusiasts, it’s time to delve deeper into finding out what it’s all about.
Cryptojacking–What Is It Really?
Cryptojacking is the amalgamation of two words–cryptocurrency and hijacking. Hackers use this method to take over unsuspecting devices and use their computational power for illicit cryptocurrency mining. So, the hackers don’t steal anything, except for electricity? Well, it’s not quite that innocent after all.
Reports show that the victims of cryptojacking can be burdened with thousands of dollars in electricity bills. Their Internet Protocol [IP] address can also be used to mask the identity of the actual culprits. Until recently, the menace of cryptojacking was restricted to just laptops and desktop computers, but with the advent of new technologies, that’s changing.
Just recently, researchers from ESET, a cybersecurity firm, revealed that smartphones are also facing the wrath of cryptojacking. One of the researchers was quoted as saying:
“We have discovered that a version of the popular game Bug Smasher, installed from Google Play between 1 and 5 million times, has been secretly mining the cryptocurrency Monero on user’s devices.”
One of the biggest problems with cryptojacking is how hard it is to detect. What usually happens is the victim gets an exorbitant electricity bill towards the end of the month by which point it’s already too late. Another red flag is when a system unexpectedly starts heating up or there’s a significant drop in performance. But then again, these are signs of a common household computer and are usually brushed aside as a technical glitch.
Cryptojacking–How Bad Are Its Effects?
Most people think that because of the niche market that cryptocurrencies occupy, the effects of fraudulent activities would be kept to a minimum, but that’s far from the truth.
In February of this year, the Australian government’s websites were hacked to mine cryptocurrencies such as Bitcoin and Monero. Hackers were able to do this using the infamous Coinhive where the malware attached itself to a website’s plugin thereby granting ‘walk-in’ access. The targeted websites belonged to the Victorian Parliament, the Queensland Ombudsman and even the Queensland legislation portal, where the country’s top-priority documents are stored.
One of the biggest cryptojacking attacks, however, occurred in May when over 300 websites were hacked using Coinhive. The main target of the systematic attack was web-based applications which used the Drupal Content Management System. Coinhive is used to illegally mine Monero [XMR], of the coins in the top 10 cryptocurrency charts. A notable irony is that Monero is a privacy-based cryptocurrency and almost 9 in 10 cryptojacking cases are Monero related.
Even the bigwigs in the technology industry were not spared from this malicious activity with even Microsoft coming under the knife due to cryptojacking. Fraudsters were using Microsoft Word’s online video feature to encrypt cryptojacking scripts, a ploy to target millions of Word users. This plot was found out by an Israeli cybersecurity company called Votiro, which was followed by one of the researchers at the organization stating:
“The threat of cryptocurrency mining through browser has become one of the most trending concerns in the internet realm.”
How Can Cryptojacking Be Prevented?
The repercussions of cryptojacking have created a sense of uncertainty and doubt among the cryptocurrency user base which has made blockchain companies such as Digitex come out and address the issue.
As one of the fastest growing futures exchanges with our own native cryptocurrency, the DGTX token, we’re at the forefront of the cryptocurrency revolution. In fact, we’re aware of the issues in the industry and have taken significant steps to solve them. Our Managing Director of Development, Darragh commented:
“As regards what the end users should do to protect themselves, I advise, in addition to keeping their local environment up to date with the latest security patches, they should always use 2 factor authentication as part of their login to online applications and do not engage with internet applications that are not using secure HTTP protocols.”
His comments are something that a lot of users have to keep in mind provided how fast the cryptocurrency industry is growing, simultaneously expanding the threat of cryptojacking. The term two-factor authentication (2FA) is not some newly coined term but rather talks about the two steps users take to protect their data.
For example, when a user logs into an account from his or her laptop, a message is sent to the mobile number related to the account, thereby ensuring that the login is legitimate. Cryptojacking can also be prevented through education. Employees at corporate companies, for example, are usually trained to assess fraudulent behavior so that they don’t fall prey to it.
Darragh went on to say: “If they are using an authenticator, such as Google authenticator on their phone, then make sure that their phone and mobile subscription is also secure from attack.”
The statement rings true in today’s world where no device is left unscathed in the cryptojacking maelstrom.
Some Other Steps that Digitex Advises Users to Follow Include:
- Never click on a mail from an unknown source
- Never disclose personal details such as passwords and account numbers on a public forum
- Use anti-phishing software, a legitimate antivirus, and ad blockers to prevent pop-ups that often contain a malware
Sometimes, the cunning steps taken by hackers can be circumvented by utilizing a few tools to protect the user’s device.
- No-Coin– This is a free tool available online that works as an extension on browsers such as Mozilla Firefox and Google Chrome. The application is specifically targeted to protect the system against mining software and has even been tested to shield users from Coinhive. Although the software is quite popular, it is still not powerful enough to tackle the majority of cryptojacking attacks, so you need to rely on other sources as well.
- minerBlock– A web browser plugin, this software builds a database of compromised websites with the additional feature of letting users add more to the list. minerBlock comes in handy to tackle small code snippets that can pass themselves off as important source code.
Is There a Light at the End of the Tunnel?
There’s no doubt that cryptojacking is a major issue in the burgeoning field of digital assets. While companies such as ours are creating positive waves in developing the blockchain industry, hackers and illegal miners are devising new ways to conduct illegal practices. There is still hope, though.
With many big players creating awareness of cryptojacking and related activities, users are more in tune with what is going on around them. They need to make sure that they follow the steps given to them and watch for signs of their device malfunctioning. After all, the field of cryptocurrency is getting closer to mainstream adoption, so weeding out the bad actors is always a great step.