How cybercriminals profit by exploiting computers for cryptojacking
Q: What is “Cryptojacking”?
A: Cybercriminals are constantly exploring methods to exploit users for profit and with the popularity of cryptocurrencies on the rise, so is the malware that allows for cryptojacking.
Cryptojacking is the hijacking of Internet connected devices to secretly make use of the processor for the mining of cryptocurrency. The “mining” process is essentially computing devices solving complicated math problems that result in financial rewards to the “miner.”
By exploiting computers around the world, the bad guys avoid having to spend money on lots of computers in order to do the mining, which is why it’s becoming so popular.
Easy and Profitable
Cryptocurrencies such as Bitcoin require much more sophisticated computing configurations for profitable cryptojacking, but newer currencies like Monero are making this form of malware exploitation much more profitable.
The malicious code required to exploit victims is relatively simple to create and can be delivered in a variety of ways, which is why we’ve seen an exponential increase in detected malware. Several security firms have detected an increase of over 600 percent in exploits since the last quarter of 2017.
Another contributor to the popularity of this exploit is that unlike ransomware, there is no need to interact with your victims and it’s a relatively easy to stay anonymous while reaping the rewards.
In general, the primary impact on the victim is reduced available processing power, although it’s possible for them to overwork your processor to point of failure.
They know that if you detect something is wrong or they cause damage to your computer, they can no longer make use of it without your knowledge, which is why they tend to keep your CPU usage on the lower side.
Of course, any malware in your system can potentially allow other exploits to be installed, so making sure you’re not an unwitting victim is always a good idea.
Signs of Infection
Since this particular exploit is primarily interested in using your CPU (Central Processing Unit) without your knowledge, checking your CPU usage is a good start in detection.
Windows users can use the Task Manager (Ctrl + Shift + Esc) and click on the Performance tab to see a graph of CPU usage and Mac users can do the same via the Activity Monitor.
Under normal circumstances, the CPU graph should be relatively low and flat when nothing is running, so if you see high or erratic up and down movement of the CPU when you aren’t doing anything, there’s cause for concern.
This CPU activity can be the indication of a wide variety of issues – both nefarious and common -so having someone with technical experience dig into your system is the best way to diagnose the actual cause.
Another mining script you may encounter, which isn’t necessarily malware is called Coin Hive and it’s being used by websites to generate revenue in lieu of advertising. While you are visiting these websites, they can be ‘borrowing’ some of your CPU power in exchange for their information. Once you leave, it’s no longer mining, but if you want help detecting these types of websites, you can use AdGuard to alert you.