Cryptojacking

Cryptojacking: Who’s Making Money at Your Expense?

Meet “cryptojacking,” the latest mysterious danger your grandparents never could have imagined. Once it’s explained, it’s not so mysterious – and neither are the ways you can keep it from happening to you.

At its heart, cryptojacking is just a way for someone else to grab what’s yours and use it to make money. Let’s talk about how it works and how they do it. It starts with cryptocurrencies – and what are those? They’re electronic forms of money that aren’t run by governments. Bitcoin’s a cryptocurrency. Also Ethereum, Monero, Litecoin, and many more.

Unlike government currencies run by central banks, cryptocurrencies are decentralized. Theoretically, at least, nobody’s in charge. So how do they handle key tasks associated with running a financial system – like avoiding counterfeiting, tracking transactions, and minting new currency?

The blockchain

It starts with the “blockchain.” Every transaction is encrypted and timestamped, and added to a “block” of transactions. When a certain number of transactions have been assembled, that block is added to a chain of blocks. (So that’s why it’s called a blockchain!)

Everybody on the system sees the blockchain, and once a block is added, it can’t be changed without the agreement of most participants, and without changing all the blocks that follow. That’s supposed to protect against counterfeiting and safeguard everyone’s transactions.

All this needs to be validated. That’s done by solving cryptographic problems, which requires quite a bit of computing power. Since it’s costly, you have to reward people for doing it. So, when they’re the first to solve one of these problems, the system gives them a brand-new “coin.” That’s called “cryptomining.”

Bitcoin, the first cryptocurrency, was designed to make mining new coins more difficult as the system grew. So cryptominers began buying all kinds of expensive specialized hardware to do it. (Some use the high-powered video cards originally designed for videogaming.) But, especially for other cryptocurrencies like Monero, there’s another way to mine crypto: share the work across lots of devices.

Think like a criminal

Now, think like a criminal. Who says you have to own all those devices? You could just hijack someone else’s.

That’s cryptojacking. And criminals have come up with two ways to do it:

  1. They can install malware on your computer or mobile device, which then runs a program to help mine crypto and sends them the results. (So if your computer or smartphone is suddenly running really slow, or really hot, that might be why.)
  2. They can infect a website, which then downloads a script into your browser. Your device then starts cryptomining for them, and keeps at it as long as you remain on the infected website.

Recent developments

Cryptojacking attacks exploded in 2018, following a run-up in cryptocurrency prices making it more lucrative. Meanwhile, a company called Coinhive made a business out of helping people build networks of web browsers that would share mining tasks (legally or otherwise). Unknown to the site owners, Coinhive’s scripts briefly found their way onto hacked sites ranging from The Los Angeles Times to Showtime.

Later in the year, cryptocurrency prices plummeted, and Coinhive shut down in March 2019. Cryptojacking attacks temporarily declined, as some criminals found they weren’t making much money.

But these attacks weren’t gone forever. Recently, new attacks appeared, apparently relying on the same dangerous EternalBlue vulnerability that’s previously been used to spread ransomware. Which raises another key point about cryptojacking: if a criminal can make your device mine crypto, he can make it do other things, too. Which brings us to solutions.

The EternalBlue Windows vulnerability has been fixed by Microsoft – but only if you stay up to date with security patches, so do it. Advanced anti-malware software like Sophos Home Premium identifies cryptojacking attacks, so use it. And if you run the Mozilla Firefox browser, it’s recently added a setting to block cryptomining scripts, so turn it on. (Choose Options, Privacy and Security. Check the Cryptominers box, and click Reload All Tabs.)

See? It’s not so hard after all!

Sophos Home Free includes a free 30-day trial of Premium plus an immediate Advanced Malware Removal to thoroughly clean your computer of any current malware infections.

Download Free Edition