← Back to articles

Secret Mining Society – are your devices being cryptojacked?

August 28, 2018 10:26 am Published by

Cybercrime takes a near-infinite number of forms. As technology advances, criminals develop novel and ingenious ways to exploit vulnerabilities. Wirex Staff Writer Gemma Doswell takes a closer look at the insidious art of ‘Cryptojacking’.

A brief history of hacking

Hacking first emerged as a malicious term in the 1970s, when early hackers (known as ‘phreakers’, a young Steve Jobs among them) manipulated telephone hardware to get free long-distance calls. The 1980s saw large computer networks (Motorola and Nokia included) hacked by Kevin Mitnick, who became the catalyst for the first cybercrime legislation. In 1988, student Robert Morris created the Morris Worm on a floppy disk – the worm was designed to gauge the size of the internet by spreading through system vulnerabilities. It was not designed to cause harm, but was ‘unintentionally’ coded in such a way that it formed a large-scale attack and slowed down computers to a point that eventually rendered them unusable. In 1991 Morris earned the dubious honour of being the first person ever to be convicted of computer fraud.

A new-age of cybercrime

Since the turn of the millennium, cybercrime has become increasingly sophisticated. Unlike the early days, during which hackers were easily identifiable thanks to their esoteric knowledge, cyber-criminals have become more difficult to trace and convict. The emergence of cryptocurrencies has given rise to an entirely new genre of cybercrime known as cryptocurrency mine hacking, or cryptojacking.

Put simply, mining involves creating new digital coins by solving complex equations with a computer. Cryptojacking describes a situation in which a device is hacked remotely to harness its processing power to mine cryptocurrency. Like most crimes, cryptojacking is largely opportunistic – it takes vast amounts of electricity, relies on internet vulnerabilities and, depending on the coin being mined, requires more processing power than a single computer can generate. According to cybersecurity firm Avast, it would take 15,000 hacked devices four days to mine $1000 worth of any cryptocurrency. For this reason, Bitcoin is rarely a target for cryptojackers; the power needed to mine a whole bitcoin is prohibitive. However, many other cryptocurrencies are appealing targets for hackers.

Worried? Here are five signs that your device has fallen victim to cryptojacking:

  1. CPU usage is suspiciously high  an average webpage uses approximately 20% CPU (computer processing power). Check your Task Manager to see CPU usage. If it’s over 20%, you should probably investigate further.
  2. Unusually high fan speed or noise – this suggests your computer is working harder than normal.
  3. Your computer is unusually slow.
  4. Unknown and unauthorised programmes appear on your machine.
  5. Your electricity bill is noticeably higher – the rise in power consumption if a device is cryptojacked is similar to the difference between a summer and winter electricity bill.

A breach in security

In February 2018, the UK ICO (Information Commissioner’s Office) was cryptojacked to mine Monero. On review, web security researcher Scott Helme, reported that over 4000 websites had been affected. Hackers had added Coinhive mining software to an accessibility plugin called Browsealoud which is used by sites to assist blind users. Any device that loaded sites using the Browsealoud plugin could be infected.

Hackers employ increasingly sophisticated methods of infiltration. If a device is connected to the internet, there are almost certainly ways for it to be accessed. The key is to safeguard your internet-connected devices with as many layers of protection as possible, making them less desirable targets.

Here are some things that are known to attract cryptojackers – and some precautions you can take to stay safe:

  • WordPress – sites built on WordPress are popular targets for hacking. Make sure you always operate the most up-to-date version and don’t ignore patches and updates from developers.
  • Front and back door entrances – if a device’s admin password is weak, hackers can gain access. The admin is usually notified about this unauthorised access. However, if the site owner isn’t quick enough to change the password, hackers can set up access through the site’s back end (the “back-door”). This means that the owner won’t be notified if there’s another break-in. Using strong passwords and changing them regularly is a good way to safeguard against this.
  • 2FA – using 2FA (two-factor authentication) like Google Authenticator helps to protect your online accounts.
  • Unsecured sites – avoid browsing sites that don’t start with https:// and don’t click on unknown links or images.
  • Firewalls – install a market-leading firewall and invest in reputable anti-virus software.
  • Ads – installing an ad-blocker will help prevent pop-ups and ads with malicious links.

A smarter alternative

Leading hybrid money platform Wirex understands that security is imperative – especially when it comes to something as important as your money. That’s why the Wirex app features industry-leading security measures, including two-factor authentication and 3-D Secure fraud prevention.

This means that you can buy, sell, store and exchange BTC, LTC and XRP with absolute peace of mind. Mining crypto may be out of reach for most, but Wirex lets you link your debit/credit card to your Wirex BTC, LTC or XRP wallet to invest and spend your digital coins hassle-free.

Download Wirex Now

Security 101: Staying safe in today’s digital world

Gone are the days of safe deposit boxes and padlocked filing cabinets full of personal documents. Today, our increasingly digital world means information and possessions that were previously physical are now much more likely to be stored online. In fact, a 2015 study found that 42% of respondents created more than 50 new personal profiles… View Article

How Singapore is becoming a crypto-hub

When it comes to cryptocurrency adoption, the Asia-Pacific region is way ahead of the curve. The likes of South Korea, Hong Kong, China and Japan were early adopters of crypto and blockchain technology; now, Singapore is quickly emerging as a world leader in the mainstream adoption of digital currency. Regulatory Stance The Monetary Authority of… View Article

Who’s afraid of the big, bad FUD?

Cryptocurrency has experienced something of a reputational rollercoaster in recent years. Its peak came in December 2017 when the value of Bitcoin hit a high of $19,783.06. Of course, it’s not all stunning highs and media accounts of millionaires made overnight – extreme market volatility means lows too. Since the start of 2018, the reputation… View Article

9 industries that use blockchain

Blockchain technology is starting to gain traction in the mainstream. Its efficiency, transparency and versatility appeal to consumers and businesses alike, making wide-scale adoption likely in the coming decades. Recognising blockchain’s potential to disrupt traditional infrastructure, many industries have started integrating the technology into their business processes. Financial services companies are amongst the early adopters… View Article