How Cryptojacking Works and How To Spot It

You work hard to make sure that you’ve invested in the right cryptocurrency and kept up with all the market trends. With all of the positives of digital currency, naturally, there are risks and threats as well. Even though the blockchain is a fairly secure system, hackers have found ways to take advantage of others’ resources for their own benefit — the stealing of crypto resources is known as cryptojacking.

It’s believed that the first instance of cryptojacking took place in 2017 when hackers realized that they could exploit CoinHive’s passive link mining code and have unsuspecting users mine currency for them. Anyone who mines their own cryptocurrency knows that it takes a lot of power and resources to make a profit. Some scripts that have been developed and deployed have also allowed hackers to steal straight from digital wallets as well. See how this process works below:

1. Compromise An Asset: The hackers embed scripts in a web browser, cloud account or malicious email.
2. Activate Script: Users either click links or sites that allow these scripts to run.
3. Scripts Run: The scripts begin to run unsuspectedly in the background.
4. Use Resources: Unknowing users’ devices are used to solve complex algorithms to mine blocks.
5. Hackers Get Rewarded: Hackers receive the cryptocurrency that others mine anonymously.

These hackers get rewarded with very little risk or effort on their end, this has lead to the increased use of cryptojacking scripts. Security companies and researchers work hard to discover these scripts along with other strains of malware and ransomware. Back in August of 2019, Varonis discovered a Monero cryptominer strain, when the strain was discovered it had spread to every computer in the infected company they were investigating. They don’t just target businesses, cryptojacking and mining scripts can be run on personal devices too.

When attempting to prevent cryptojacking remember these tips:

• Do not to click links in emails or strange sites.
• Use anti-cryptomining browser extensions.
• Use ad-blockers to block malicious code in online ads.
• Disable JavaScript to block cryptoming code.

Signs that you’ve been compromised include:

• Decrease in performance in computing devices.
• Overheating of devices and running fans for cooling.
• Monitor computer for an increase in CPU usage.
• Check for coding and file changes on your site.
• Scan for malware and monitor your websites.
• Follow crypto-news and look for parallels on your site or device.

To see the tips discussed above and more on how it works, see the animated visual below (courtesy of Varonis).