What Is Cryptojacking and How Can You Avoid It?
Pinterest Whatsapp

A new security threat is in town: cryptojacking. The cryptocurrency explosion is moving nefarious individuals to power mining systems anyway possible. And the latest method for securing additional, free power is by hijacking your system resources.

We wrote recently concerning the significant rise in browser-based cryptocurrency mining scripts Are Websites Using Your CPU for Cryptocurrency Mining? Are Websites Using Your CPU for Cryptocurrency Mining? Online adverts are unpopular, so infamous online piracy site The Pirate Bay has hit upon a solution: use every visiting PC to mine cryptocurrencies. Would you be happy if your PC was hijacked like this? Read More . Well, those scripts are now in their next phase, making it easier for criminals to harvest your machine for longer, without alerting you to the resource-sucking issue at hand.

Let’s find out what cryptojacking is and what you can do about it.

Why Steal System Resources?

Before we consider cryptojacking as a whole, let’s consider the reasons behind it. Why are hackers stealing system resources?

Well, cryptocurrency doesn’t grow on trees. No, it grows on servers, waiting to be mined. That doesn’t help things, either. The vast majority of cryptocurrencies use “mining” Is It Profitable to Cloud Mine Bitcoin? Is It Profitable to Cloud Mine Bitcoin? There are many ways to mine Bitcoin, including cloud services. But is it profitable? Here's everything you need to know about cloud mining Bitcoin. Read More to mediate the specific crypto-network.

Network transactions are added to a block. The block sends to the network of connected miners Blockchains, Merged Mining, & ASICs: Lingo You Need To Know About Cryptocurrency Mining Blockchains, Merged Mining, & ASICs: Lingo You Need To Know About Cryptocurrency Mining Have you kept yourself away from cyrptocurrencies or a discussion on their future? It's easy to get lost in the lingo. Don't get left out with this handy reference guide. Read More (users who have downloaded the blockchain) for verification. The miner’s systems process complex equations and, on confirmation that the transactions are legitimate, the block adds to the chain. At that point, the transactions contained in the block process, while the miners receive a block reward (this differs between cryptocurrencies; the current Bitcoin reward is 12.5 BTC).

The key to crypto-mining success is how quickly your system processes equations. Bitcoin mining is now useless for the average, nay, even high-end systems. The sheer volume of mining power drowns out tiny home systems. You’ll note that if you complete an internet search for “mining pc” the results all relate to Ethereum How to Build an Energy-Efficient Ethereum Mining Rig How to Build an Energy-Efficient Ethereum Mining Rig Ethereum is an up and coming cryptocurrency. In this article, we cover everything you need to know to build you own mining rig. Read More and other, smaller cryptocurrencies.

So, the key to making money mining cryptocurrency is raw processing power. And what better way to harness processing power than by stealing that from unsuspecting internet users?

JavaScript Cryptocurrency Mining

That’s where cryptojacking picks up the slack. Not content with building mining rigs with expensive specialized equipment, enterprising hackers spotted an opportunity. Cryptocurrency mining scripts aren’t that new — we’ve seen several sites trial them as a revenue stream. Furthermore, we’ve seen several notable websites succumb to cryptocurrency mining.

American TV network Showtime made several public apologies after a crypto-mining script was found concealed on two of their sites. The sites, Showtime and ShowtimeAnytime, concealed a JavaScript-based Monero miner. The code is developed and maintained by CoinHive, who takes around 30 percent of any block rewards. Showtime neglected to comment on the code, and we are as yet unsure who inserted the code into the sites.

what is cryptojacking and how to avoid it

Showtime, however, is far from the only site to feature a JavaScript-based cryptocurrency miner. Ever-present torrenting site The Pirate Bay (try one of these six alternatives Top 6 Free Torrent Alternatives for The Pirate Bay Top 6 Free Torrent Alternatives for The Pirate Bay The Pirate Bay shut shop. But there are lots of alternatives out there. You just need to know where to look. Here are the top six torrent sites other than The Pirate Bay. Read More ) experimented with a CoinHive mining script, while Politifact suffered the same issue as Showtime, as did the personal website of soccer star Cristiano Ronaldo and the Ultimate Fighting Championship’s pay-per-view site.

Okay, So What’s Cryptojacking?

Cryptojacking is the coverall term given to this type of drive-by browser-based cryptocurrency mining. CoinHive, purveyors of the most popular script, advertise their product as an alternative to advertising revenue. Their script allows users to “pay you with full privacy, without registering an account anywhere, without installing a browser extension and without being bombarded by shady ads.” The last part of that sentence alone is laughable.

The practice has evolved even in the short time CoinHive and its script have been active. The latest version of the script (known as AuthedMine) offers users the chance to accept the cryptocurrency mining, or decline and face regular ads, instead. The new opt-out is optional, mind. Not every website running the CoinHive script will make this offer.

what is cryptojacking and how to avoid it

Cryptojacking is evolving in other ways, too. Not content with simply pillaging other people’s systems for personal gain, enterprising hackers send unsuspecting users through redirect loops. Users end up on a web page running a cryptocurrency mining script. If they don’t notice, hackers make more money.

With that in mind, there are instances of a tiny browser window hiding beneath the system clock, found on the taskbar. The tiny browser window is obscured by the system clock and is “free” to run the mining script until the user notices something is wrong.

How Widespread Is Cryptojacking?

Well, a recent study conducted by independent security researcher Willem de Groot revealed 2,496 individual sites running a crypto-mining script. The sites de Groot found all run outdated software that is easily exploited by hackers. A hacker compromises a site then inserts their dedicated CoinHive code, letting the site and its users do the rest.

what is cryptojacking and how to avoid it

In October 2017, Malwarebytes reported [PDF] 8 million blocks per day, each preventing potential cryptojacking. Furthermore, the report illustrated cryptojacking activity by geolocation. The U.S. tops the list with 32 percent of all attempted cryptojacking traffic (followed by Spain, France, Italy, and Canada).

what is cryptojacking and how to avoid it

Web pages aren’t the only thing with the potential for hijacking. Malicious apps are dime-a-dozen on the Google Play Store, but researcher Gabriel Cirlig at ixiacom noted two apps with a combined 15 million downloads (both apps have since rectified the issue).

The answer is… it’s neither here nor there. Yes, there are malicious apps and websites unwittingly crypto-mining on someone else’s behalf. Yes, there are some sites seriously considering cryptojacking as a viable alternative to regular advertising. No, it isn’t quite as widespread as some news outlets would have you believe.

Is It Illegal?

Here’s the thing: it isn’t illegal — yet. It’s only unethical and extremely frowned upon.

But as yet, it isn’t illegal to harness someone else’s processing power to mine cryptocurrency in this manner. It differs from a botnet because the hackers are not forcing malware onto your system The Complete Malware Removal Guide The Complete Malware Removal Guide Malware is everywhere these days, and eradicating malware from your system is a lengthy process, requiring guidance. If you think your computer is infected, this is the guide you need. Read More . Furthermore, the script itself doesn’t create a permanent vulnerability for exploitation by other nefarious parties. When the tab closes, the miner stops.

The serious complications arise because to some, CoinHive and “legitimate” browser-based crypto-mining scripts present a viable, even attractive alternative to the bloated advertising networks. As advertisers become more aggressive in their ad displays, more and more people are switching ad-blockers on. This, in turn, hurts the pockets of the website owners. And it isn’t like traditional ad networks are free of security risks anyway. (Malvertising campaign, anyone? What Is Malvertising and How Can You Protect Yourself? What Is Malvertising and How Can You Protect Yourself? Beware: malvertising is on the increase, representing a considerable online security risk. But what is it, why is it dangerous, where is it hiding, and how can you stay safe from malvertising? Read More )

Major institutions are unsure how to approach it, too. Malwarebytes blocks the CoinHive site as a malicious or unwanted site. But Malwarebytes Lab director Adam Kujawa says, “I actually think the whole concept of a script-based miner is a good idea. It could be a viable replacement for something like advertising revenue. But we’re blocking it now just because there’s no opt-in option or opt-out. We’ve observed it putting a real strain on system resources. The scripts could degrade hardware.”

Unfortunately for CoinHive, intentions good or bad, their original script is out there. And that script is popping up again and again in less-than-favorable circumstances, on websites that are obviously compromised.

How Do I Stay Safe?

Staying safe isn’t actually too difficult. There are two main methods.

  1. Browser Extensions: There are several anti-mining specific extensions for Chrome (the browser with the highest rate of cryptojacking). Try No Coin or minerBlock.
  2. Script Blockers: The above blockers focus on mining scripts. There are other excellent script blockers available for Chrome and other browsers. uBlock Origin has an excellent array of script blocking lists. Mozilla users might try NoScript.

As we have seen, cryptojacking isn’t an enormous problem — yet. But as more sites realize it is a potentially lucrative revenue stream there may well be an uptick.

Have you experienced cryptojacking? What site were you visiting? Did you realize straight away? What do you think about cryptojacking as a standard advertisement replacement? Let us know your thoughts in the comments!

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Sean
    January 23, 2018 at 8:53 pm

    Have noticed my mobile battery life only lasting a couple of hours. It began after downloading a few crypto apps. They are, cryptomarket, crypto coin pump notifier and binance.

  2. Tom
    January 4, 2018 at 12:56 pm

    It is so obviously a SCAM that I am amazed anyone falls for it. But why isn't Microsoft (or lw enforcement) chaing and prosecuting these people and making their life hell?