Although ransomware-related hacks are on the rise ever since the invention of cryptocurrencies made it extremely convenient for criminals to collect money, you may be interested to know that a lesser known but equally prevalent type of hack - cryptojacking - is something that would be more likely to affect you.
Cryptojacking is a type of malicious attack on your computer whereby a hacker installs malicious software or code that puts your computer or device to work mining cryptocurrency. Instead of the cryptocurrency going to you, the hacker directs it to be sent to his or her wallet address, allowing him to profit off the use of your computer resources.
A quieter, silent killer
Unlike ransomware, which involves a hacker or attacker demanding a “Ransom” from its victims in exchange for returning, unlocking or giving back access to sensitive information, data or critical systems, cryptojacking focuses on quiet, undisclosed attacks on its victims. Their intention is for the target devices to mine cryptocurrencies in the background without alerting the user - and in many cases, this could happen for a prolonged period of time.
In most cases, cryptojacking would just result in the devices having slower performance, lag, or bugs, which people often attribute to other reasons such as computer breakdown or age. With the victim unalerted to the presence of the cryptojacking script or malware, the hacker gets a consistent stream of cryptocurrency earnings.
Less likely to be traced back
Unlike ransomware, which may even involve negotiations directly with the hacker, cryptojacking often involves the use of simple localized scripts and malware that mine anonymous privacy-focused coins like Monero, then sending these cryptocurrencies to the attacker. Not only does this make it more difficult to trace the attacks to its source, the low value of the cryptocurrencies being sent and the lack of consequences in terms of sensitive data breaches means that victims often do not pursue further action - making it a fairly easy operation for hackers.
Declining popularity in cryptojacking
Despite the fairly risk-free approach that cryptojacking can be, it has been declining rapidly in popularity.
1. Cryptojacking often requires scale and volume to be effective
As you may already know, cryptocurrency mining is an expensive and large-scale process. A massive Bitcoin farm made out of hundreds and thousands of mining rigs may not even bring enough profit to its owner on a bad day.
Unlike typical, high-efficiency cryptocurrency mining, cryptojacking uses low-efficiency, weak scripts that are very bad at mining. Often, they are scripts that use the CPU of the target device to mine, which would typically be a waste of electricity and barely be able to mine any cryptocurrencies.
In order for a cryptojacking operation to be profitable, one has to gain access to a large pool of devices - such as finding a breach in the security of a large group of devices - which is an “opportunity” that doesn’t come often.
2. Cryptojacking is becoming increasingly easier to prevent
The primary form of cryptojacking that targets consumers involves placing a cryptocurrency mining script in a website visitor’s browser, and having it mine cryptocurrency extremely slowly. While this operation does not have any long lasting effects on a consumer’s device, browser companies and antivirus software have taken steps to block these cryptocurrency mining scripts, and are now able to prevent almost all cases where this cryptocurrency mining is done without the user’s consent.
Despite this, more deeply embedded software or cryptocurrency-mining malware can have long-lasting damage on your computer (long-term stress placed by high CPU or GPU use on your computer can lead to your computer dying young), so always be sure to regularly perform antivirus scans on your computer to make sure no cryptojacking is happening!
3. The operation is not as profitable as one would imagine
Although installing a malicious script on somebody’s device to mine cryptocurrencies can be fairly easy to automate and spread through viruses, phishing links and other standard malware delivery options, the amount of profit that could come from cryptojacking has decreased drastically in the past few years. Privacy coins that are often mined using these scripts have changed their algorithms to become more resistant to usage in criminal activity such as cryptojacking, and the price of cryptocurrencies has fallen significantly from its all-time high during the cryptocurrency boom.
The amount of profit available on the table is so little that even the big players are not interested - Coinhive, a cryptojacking provider that wants to be legally used as an alternative to advertising on websites, closed last year in February after declaring that the cloud-mining style operation was unsustainable and unprofitable for Coinhive.
How to detect cryptojacking and protect yourself
Although it can be difficult to differentiate between typical computer stresses and cryptojacking affecting your device, there are some identifying signs that you may be affected:
- Your device is overheating even when there are no programs open
- Your electricity bills skyrocketed since a certain time despite no major increase in usage
- Your PC is noticeably slower ever since you downloaded or installed something
- Your antivirus seems to be malfunctioning, or you have not done an antivirus scan
- You have not updated your computer or device to the latest recommended versions