By Nick Marshall
We’re used to hackers coming for our data, private keys or passwords. These might not always be their target, however. Using the form of cybercrime known as cryptojacking, it could be your processing power they’re after. Cryptojacking was linked to more than 97.1 million attacks in 2021, and fraudsters are scaling their operations. Use this cryptojacking test to spot whether your device or network has been hacked, and learn how the scam works and what to do next.
What Is Cryptojacking?
Cryptojacking is the unauthorized use of a victim’s computer, tablet or phone to mine for cryptocurrency. Think of it as hooking up to your neighbor’s power socket to run your domestic devices, although with significantly higher consumption.
Because crypto mining requires such a high degree of power consumption and processing power, it’s usually reserved for dedicated Application-Specific Integrated Circuit (ASIC) computers that can reach hash rates of 110 TH/S but typically consume 3250 watts per hour. A single Bitcoin transaction can consume the same amount of power that an American household uses in 75 days.
Instead of investing in the huge upfront costs of hardware, or meeting the high ongoing costs of crypto mining, cryptojackers steal bandwidth and processing power from their victims.
How Fraudsters Cryptojack
To cryptojack a target device, fraudsters sneak in malicious code that runs in the background, solving the complex mathematical equations that become blockchain transactions. Once the problem is solved, the code sends the results to a hacker-operated server. For each coin mined, the fraudster receives a reward.
Cryptojackers can corrupt a target computer or network by:
- Sending malware through an infected link (e.g., email) that the user then clicks on
- Penetrating a network through an unsecured device or endpoint
If the intention is to mine crypto using free processing power, the software will typically run quietly in the background. The longer the cryptojacking goes undetected, the greater the rewards. If the aim is to block operations until a ransom is paid, however, as was the case with the devastating 2017 WannaCry attack, the victim’s systems will grind to a sudden halt.
Cryptojacking has traditionally been associated with Monero cryptocurrency, but fraudsters can also use Monero mining as the decoy for more serious network-wide attacks.
What Are the Risks?
The business cost of cryptojacking is not so much in terms of damage or data but processing resources. For a single desktop computer in a private home, that cost might be inconvenient but not drastic. For a large corporation with a global network of cloud services and servers, on the other hand, it can leave a clear impact on the bottom line.
A key concern is that cryptojacking is evolving from individual endpoint and malware attacks to network and cloud-infrastructure-scale attacks. A quarter of businesses admit to being hijacked at some point, with illustrious names such as Tesla and Amazon Web Services among them.
Cloud networks are particularly vulnerable because many use open source code that hackers can seed with malicious code packets and libraries. Overall, 86% of compromised cloud resources are used for cryptojacking. Another concern is shadow IT in organizations. Either employees are using their own personal devices on a work network, something 70% of workers admit to doing, or they are taking work hardware home and using it on an unsecured network.
How To Spot the Red Flags
In a large organization, tech support is often the first department to raise the alarm that the network has been cryptojacked. Support tickets start coming in to address:
- Slower performance
- Frequent crashes
- Device overheating
These are all signs that a computer’s processor is being pushed beyond its intended threshold by crypto mining software. IT can confirm the presence of malicious code by checking CPU usage via the task manager, or simply comparing the current month’s electricity consumption and cloud computing costs to previous months.
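The two checks described above, sustained CPU load and a month-over-month cost comparison, can be expressed as simple detection logic. The following is an added example, not part of the original article; the process names, readings, bills and thresholds are constructed assumptions to be tuned against your own baseline.

```python
from statistics import mean, pstdev

# Constructed sample data: per-process CPU % read once a minute (not real telemetry).
# Process names are hypothetical.
CPU_SAMPLES = {
    "browser.exe":    [12, 95, 40, 15, 10, 88, 20, 14],  # bursty, normal use
    "backup.exe":     [5, 5, 92, 94, 91, 6, 5, 5],       # short scheduled job
    "svc-update.exe": [96, 97, 95, 98, 97, 96, 95, 97],  # pinned high throughout
}

# Constructed monthly cloud bills in USD; the last entry is the current month.
MONTHLY_COST = [4100, 3950, 4230, 4080, 4150, 7900]


def longest_run_above(readings, threshold):
    """Length of the longest run of consecutive readings at or above threshold."""
    best = run = 0
    for value in readings:
        run = run + 1 if value >= threshold else 0
        best = max(best, run)
    return best


def sustained_cpu_suspects(samples, threshold=85, min_run=6):
    """Processes at or above threshold for at least min_run consecutive samples.

    A miner keeps the CPU busy continuously, so short bursts are ignored.
    threshold and min_run are assumed starting points, not fixed rules.
    """
    return sorted(name for name, readings in samples.items()
                  if longest_run_above(readings, threshold) >= min_run)


def cost_spike(history, sigmas=3.0):
    """Compare the latest month to the earlier months; return (is_spike, ratio)."""
    *previous, current = history
    baseline, spread = mean(previous), pstdev(previous)
    # Floor the spread at 5% of baseline so a very flat history is not over-sensitive.
    is_spike = current > baseline + sigmas * max(spread, 0.05 * baseline)
    return is_spike, round(current / baseline, 2)


if __name__ == "__main__":
    print("sustained high CPU:", sustained_cpu_suspects(CPU_SAMPLES))
    print("cost spike:", cost_spike(MONTHLY_COST))
```

A flagged process or cost spike is a prompt for investigation, since legitimate workloads such as rendering or batch jobs can produce the same pattern.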
How To Test for Cryptojacking
It’s not as simple as uninstalling a malicious application. Cryptojacking scripts are designed to hide, replicate and spread across networks. IT teams should focus on barring entry in the first place, through:
- Fortified endpoint and malware protection
- Ad blockers and browser extensions to neutralize malicious scripts
Ongoing network monitoring is essential, and IT teams should regularly check for the latest server patches in response to whatever emerging threats have been identified.
Keep Your Crypto Asset Secured
Your crypto assets themselves are not at risk with a cryptojacking attack, although there could be a wider hacking or ransomware attack in play. If you are targeted, however, it’s a clear signal that there’s a vulnerability at the device or network level that hackers could exploit further — and another reason to secure the title to your assets with TransitNet’s off-chain registry. Request an exclusive registration of TransitNet’s title registry when it launches.