Secret Mining Society - are your devices being cryptojacked?
Aug 28, 2018, 10:26:46 AM Published By Wirex Team
Cybercrime takes a near-infinite number of forms. As technology advances, criminals develop novel and ingenious ways to exploit vulnerabilities. Wirex Staff Writer Gemma Doswell takes a closer look at the insidious art of Cryptojacking.
A brief history of hacking
Hacking first emerged as a malicious term in the 1970s, when early hackers (known as phreakers, a young Steve Jobs among them) manipulated telephone hardware to get free long-distance calls. The 1980s saw large computer networks (Motorola and Nokia included) hacked by Kevin Mitnick, who became the catalyst for the first cybercrime legislation. In 1988, student Robert Morris created the Morris Worm on a floppy disk - the worm was designed to gauge the size of the internet by spreading through system vulnerabilities. It was not designed to cause harm, but was unintentionally coded in such a way that it formed a large-scale attack and slowed down computers to a point that eventually rendered them unusable. In 1991 Morris earned the dubious honour of being the first person ever to be convicted of computer fraud.
A new age of cybercrime
Since the turn of the millennium, cybercrime has become increasingly sophisticated. Unlike the early days, during which hackers were easily identifiable thanks to their esoteric knowledge, cyber-criminals have become more difficult to trace and convict. The emergence of cryptocurrencies has given rise to an entirely new genre of cybercrime known as cryptocurrency mine hacking, or cryptojacking. Put simply, mining involves creating new digital coins by solving complex equations with a computer. Cryptojacking describes a situation in which a device is hacked remotely to harness its processing power to mine cryptocurrency. Like most crimes, cryptojacking is largely opportunistic - it takes vast amounts of electricity, relies on internet vulnerabilities and, depending on the coin being mined, requires more processing power than a single computer can generate. According to cybersecurity firm Avast, it would take 15,000 hacked devices four days to mine $1000 worth of any cryptocurrency. For this reason, Bitcoin is rarely a target for cryptojackers; the power needed to mine a whole bitcoin is prohibitive. However, many other cryptocurrencies are appealing targets for hackers.
Worried? Here are five signs that your device has fallen victim to cryptojacking:
- CPU usage is suspiciously high - an average webpage uses approximately 20% CPU (computer processing power). Check your Task Manager to see CPU usage. If it's over 20%, you should probably investigate further.
- Unusually high fan speed or noise - this suggests your computer is working harder than normal.
- Your computer is unusually slow.
- Unknown and unauthorised programmes appear on your machine.
- Your electricity bill is noticeably higher - the rise in power consumption if a device is cryptojacked is similar to the difference between a summer and winter electricity bill.
A breach in security
In February 2018, the UK ICO (Information Commissioner's Office) was cryptojacked to mine Monero. On review, web security researcher Scott Helme reported that over 4000 websites had been affected. Hackers had added Coinhive mining software to an accessibility plugin called Browsealoud, which is used by sites to assist blind users. Any device that loaded sites using the Browsealoud plugin could be infected. Hackers employ increasingly sophisticated methods of infiltration. If a device is connected to the internet, there are almost certainly ways for it to be accessed. The key is to safeguard your internet-connected devices with as many layers of protection as possible, making them less desirable targets.
Here are some things that are known to attract cryptojackers - and some precautions you can take to stay safe:
- WordPress - sites built on WordPress are popular targets for hacking. Make sure you always operate the most up-to-date version and don't ignore patches and updates from developers.
- Front and back door entrances - if a device's admin password is weak, hackers can gain access. The admin is usually notified about this unauthorised access. However, if the site owner isn't quick enough to change the password, hackers can set up access through the site's back end (the back-door). This means that the owner won't be notified if there's another break-in. Using strong passwords and changing them regularly is a good way to safeguard against this.
- 2FA - using 2FA (two-factor authentication) like Google Authenticator helps to protect your online accounts.
- Unsecured sites - avoid browsing sites that don't start with https:// and don't click on unknown links or images.
- Firewalls - install a market-leading firewall and invest in reputable anti-virus software.
- Ads - installing an ad-blocker will help prevent pop-ups and ads with malicious links.