“Cryptojacking” Malware Attacks Are on the Rise
With the growing popularity of and interest in cryptocurrencies, many have seen Bitcoin and other currencies as their ticket to striking it rich. Apparently some hackers have felt the same way, leading to an increase in what’s known as “cryptojacking.” As MarketWatch explains, there’s been a rise in malware that turns various devices into crypto-mining machines without their owner knowing (or reaping any of the profits).
While most cryptocurrency newbies might assume that best way to invest in the space is to purchase coins and hope the price rises, there’s also been a surge in crypto mining. In short, mining involves having computers solve difficult math problems to create new coins and add transactions to the coin’s blockchain. When miners successfully add blocks, they are rewarded with some currency. The problem is that running the machines necessary to mine coins effectively can be expensive — mainly due to electricity costs. Thus some hackers have taken to adding computing power to their mining operations by infecting other machines.
One recent cryptojacking attack that was discovered affected a number of sites using the content management system Drupal. That CMS currently powers just over 4% of sites on the web and about 1% of those were apparently infected in the attack. Moreover, according to Coindesk, some major sites have been impacted by cryptojacking efforts, including sites for the San Diego Zoo, the National Labor Relations Board, and the City of Marion, Ohio.
In most of these cases the hackers responsible weren’t mining the popular Bitcoin. Instead many were mining Monero, which Vectra security analytics head Chris Morales says is known for the anonymity it offers. Morales also notes that Monero actually takes less computing power to mine than most other coins.
Although the threats of cryptojacking are real, there are a few ways users can help protect themselves against such attack. For starters, make sure to undetake basic security precautions such as strengthening passwords for devices and routers, utilizing anti-virus software, and keeping current with security updates. As for how you can spot potential cryptojacking infections, you may notice that various devices are acting strangely or are suddenly operating slower. Unusually high electric bills can also be a symptom of cryptojacking.
Beyond the computers, tablets, and cell phones that you’d expect to be targets of such attacks, security researcher Martin Hron of Avas says that other smart devices such as televisions, cameras, and even light bulbs are being targeted by cryptojackers. That makes detection particularly difficult as some infected devices may not have screens. To that point, Hron told MarketWatch, “That is a big issue. The only way to know the device is infected is just by detecting some unusual behavior of the device.”
Like with ransomware before it, cryptojacking might seem like the kind of malware you might see in a movie. Unfortunately these attacks are legitimate and could likely become a growing problem as cryptocurrencies continue to see gains. While hackers will always find new vulnerabilities to exploit, users should take action now to protect themselves from potential attacks and prevent their devices from making money for cybercriminals.