One big reason behind the popularity of this practice is that cryptojacking requires next to no technical skill. According to the Digital Shadows report The New Gold Rush Cryptocurrencies Are the Frontier of Fraud, cryptojacking kits are available on the dark web for as little as $30. The other reason is that hackers can make money while taking comparatively little risk. The risk of being caught and identified is much lower than with ransomware. The cryptomining code runs surreptitiously and can go undetected for a long time. Once discovered, it’s very hard to trace back to the source, and the victims have little incentive to do so since nothing was stolen or encrypted.
How do you know that you’re a victim of cryptojacking?
There are two primary methods that hackers use to get cryptomining code running on a victim’s computer. The first is to trick victims into loading cryptomining code onto their computers. This is done through phishing-like tactics: victims receive a legitimate-looking email that encourages them to click on a link. The link runs code that places the cryptomining script on the computer. The script then runs in the background as the victim works. The other method is to inject a script on a website or an ad that is delivered to multiple websites. Once victims visit the website, the script runs on the victim’s computer. With both methods, the code works through complex mathematical problems on the victims’ computers and sends the results to a server that the hacker controls.
Unfortunately, there won’t be any obvious clues that you’ve been cryptojacked. However, there are a few signs. Sometimes the first indication is a spike in help desk complaints about slow computer performance. For enterprises, this should raise a huge red flag. Other indications are systems that overheat easily and more often than usual, which can cause CPU or cooling fan failures, and units that lag or respond very slowly to commands.
How to prevent cryptojacking
Organizations should begin to train employees on cryptojacking threats. Awareness training should focus on phishing-type attempts to load scripts onto users’ computers. “Training will help protect these organizations when technical solutions might fail.”
Another prevention tactic is to install ad-blocking or anti-cryptomining extensions in web browsers. Cryptojacking scripts are often delivered through web ads, so installing an ad blocker such as Adblock Plus can help protect you by detecting cryptomining scripts. Organizations should also keep web filtering tools up to date. If you identify a web page that is delivering cryptojacking scripts, make sure your users are blocked from accessing it again.
Use a mobile device management (MDM) solution to better control what’s on users’ devices. Bring-your-own-device (BYOD) policies present a challenge to preventing illicit cryptomining. “MDM can go a long way to keep BYOD safer,” says Laliberte. An MDM solution can help manage apps and extensions on users’ devices. MDM solutions tend to be geared toward larger enterprises, and smaller companies often can’t afford them. However, Laliberte notes that mobile devices are not as at risk as desktop computers and servers. Because they tend to have less processing power, they are not as lucrative for the hackers.
How to respond to cryptojacking
Update and purge browser extensions. “If an extension infected the browser, closing the tab won’t help,” says Laliberte. “Update all the extensions and remove those not needed or that are infected.”
Learn and adapt. Use the experience to better understand how the attacker was able to compromise your systems. Update your user, helpdesk and IT training so they are better able to identify cryptojacking attempts and respond accordingly.
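For the extension purge step above, one way to inventory what is actually installed before deciding what to remove. This is an added example, not part of the original article: it assumes the Chromium on-disk layout of Extensions/<id>/<version>/manifest.json and an approved-ID list that your organization maintains, and the function names, extension IDs and extension names are made up for illustration.

```python
import json
import tempfile
from pathlib import Path

# Host patterns that let an extension inject script into every page.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_extensions(extensions_dir, approved_ids):
    """Inventory <extensions_dir>/<id>/<version>/manifest.json against an allowlist."""
    findings = []
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        ext_id, version = path.parent.parent.name, path.parent.name
        entry = {"id": ext_id, "version": version, "name": None,
                 "broad_access": None, "action": "review"}
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            findings.append(entry)  # unreadable manifest: needs a human look
            continue
        # Host patterns: permissions (MV2), host_permissions (MV3), content_scripts.
        patterns = manifest.get("permissions", []) + manifest.get("host_permissions", [])
        for script in manifest.get("content_scripts", []):
            patterns += script.get("matches", [])
        entry["name"] = manifest.get("name")  # may be a __MSG_...__ placeholder
        entry["broad_access"] = any(p in BROAD_HOSTS for p in patterns if isinstance(p, str))
        entry["action"] = "keep" if ext_id in approved_ids else "remove"
        findings.append(entry)
    return findings

def build_sample(root):
    """Write three constructed extensions (IDs and names are made up)."""
    samples = {
        "a" * 32: {"name": "Approved Blocker", "manifest_version": 3,
                   "host_permissions": ["<all_urls>"]},
        "b" * 32: {"name": "Unknown Toolbar", "manifest_version": 2,
                   "permissions": ["tabs", "*://*/*"]},
        "c" * 32: None,  # corrupt manifest
    }
    for ext_id, manifest in samples.items():
        folder = Path(root) / ext_id / "1.0_0"
        folder.mkdir(parents=True)
        text = "{not json" if manifest is None else json.dumps(manifest)
        (folder / "manifest.json").write_text(text, encoding="utf-8")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for finding in audit_extensions(tmp, approved_ids={"a" * 32}):
            print(finding)
```

Unapproved extensions that also have broad_access set are the ones to remove first, since they can run script in every tab the user opens.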