According to a study by the cybersecurity firm, Aqua Security, cloud servers remain a major target for cryptojacking. Cryptojacking is the unauthorized use of devices that use your machine’s resources to mine cryptocurrency.
The ‘2020 Cloud Native Threat Report’ states that between the second half of 2019 and the first half of 2020, attacks of this nature surged by 250%. In total, 95% of the 16,371 attacks registered during this period were related to cryptojacking. With such perpetrators, their exploit relies heavily on the use of XMRig, a well-known Monero (XMR) mining app, to deploy the attacks.
As crypto prices have risen, researchers have witnessed an increased amount of cryptojacking and other related attacks. Advancement in technology may help to put into place more secure protocols. However, hackers are not resting thus creating a challenge to secure security protocols in the long-term.
Cryptojacking
Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies without exactly letting them know the real agenda behind a scam. It is a scheme to use people’s devices without their consent to secretly mine cryptocurrency on the victim’s dime. If you are a victim of cryptojacking you may not notice. Most cryptojacking software is designed to stay hidden from the user. However, that does not mean it is not taking its toll. This theft of your computing resources slows down processes, increases your electricity bill, and shortens the life of your device. Depending on how subtle the attack is, you may notice certain red flags.
The motivation behind cryptojacking is simple: money. Mining cryptocurrencies can be very lucrative but turning a profit is now next to impossible without the means to cover large costs.
How It Works
Cryptojackers have more than one way to enslave your computer. There is the classic malware method. You click on a malicious link in an email and it loads crypto mining code directly onto your computer. Once your computer is infected, the cryptojacker starts working around the clock to mine cryptocurrency while staying hidden in the background. Because it resides in your PC, it is local – a persistent threat that has infected the computer itself.
Drive-by crypto mining is another method of cryptojacking. Similar to malicious advertising exploits, the scheme involves embedding a piece of JavaScript code into a Web page. After that, it performs cryptocurrency mining on user machines that visit the page.
Drive-by crypto mining can even infect your Android mobile device. It works with the same methods that target desktops. Some attacks occur through a trojan hidden in a downloaded app. There is even a trojan out there that invades Android phones with an installer so nefarious, that it can tax the processor to the point that the phone overheats, makes the battery bulge, and essentially leaves your Android for dead.
The other method is to inject a script on a website or an ad that is delivered to multiple websites. Once victims visit the website or the infected ad pops up in their browsers, the script automatically executes. The code runs complex mathematical problems on the victim’s computer and sends the results to a server that the hacker controls.
Some crypto mining scripts have worming capabilities that allow them to infect other devices and servers on a network. It also makes it harder to find and remove.
To increase their ability to spread across a network, crypto mining code might include multiple versions to account for different architectures on the network.
Some cybersecurity pros point out that, unlike most other types of malware, cryptojacking scripts do no damage to computers or victims’ data. However, stealing CPU resources has consequences. For larger organizations that have suffered cryptojacking, there are real costs associated with this. Electricity costs, IT labor costs, and missed opportunities are just some of the consequences of what happens when an organization is affected by drive-by cryptojacking.
Prevalence of Cryptojacking
Cryptojacking isn’t new but is already one of the most common online threats. Cryptojacking does not even require significant technical skills. The risk of being caught and identified is also much less than with ransomware. The crypto mining code runs surreptitiously and can go undetected for a long time.
Once discovered, it is very hard to trace back to the source, and the victims have little incentive to do so since nothing was stolen or encrypted. Cryptojackers continue to up their game, invading increasingly powerful hardware. Cryptojackers are a clever lot, and they have devised several schemes to get other peoples’ computers to mine cryptocurrency. Cryptojacking of personal devices remains the more prevalent problem since stealing little amounts from many devices can add up. Cryptojackers seem to prefer cryptojacking to ransomware as it potentially pays hackers more for less risk.
