Xenace Logo
Call Us: 0333 444 44 02
Email: info@xenace.com
  • Home
  • Blog
  • Everything You Need to Know About Cryptojacking

Everything You Need to Know About Cryptojacking

We recently wrote a post all about Bitcoin and how it could rise to be as common as traditional currency. As with most cyber trends, with the rise of new technology comes the rise of new risks to cybersecurity. In this case, as cryptocurrency has grown, so has Cryptojacking. In a report conducted by Symantec, it was revealed that cases of this new cyber attack surged by 8,500 percent within the last few months of 2017.

What is Cryptojacking?

Simply put, Cryptojacking is the unauthorised use of your computer to mine cryptocurrency. Mining cryptocurrency requires a huge amount of computer power, it runs a software on your computer to convert blocks of the transactions between people into sequences of code known as 'hash'. This is a highly competitive process with many miners working on the same block at any time, the first to convert the block correctly receives a reward in Bitcoins. Cybercriminals use coin miners to steal their victims’ computer processing power and cloud CPU usage to allow them to mine the maximum amount of cryptocurrency and therefore receive the maximum reward

How can cybercriminals use your computer to mine?

There are a number of ways in which cybercriminals can take advantage of your computer. The first is by using a phishing e-mail to encourage you to click on a spurious link that loads cryptomining code onto your computer or installs software that they can run in the background.

However, more advanced attacks do not even need to install anything onto your computer, there has been a recent rise of ‘in-browser Cryptojacking’ which uses Javascript that auto-executes on most websites that you would use. Adguard found Cryptojacking scripts on over 33,000 sites with a total traffic of 1 Billion monthly visits

What effect could it have on the victim?

This type of attack is dangerous because to a user it is totally invisible, the only possible sign would be slower computer performance. Because of its extreme use of device power, Cryptojacking could potentially cause a device’s batteries to overheat and therefore the device could become unusable. Also, it can be very dangerous for companies that fall victim, cybercriminals may shut down corporate networks to achieve the maximum amount of power. Coin mining in the cloud also has financial implications for organisations that are being billed based on CPU usage because they will have to pay for this extra power that these criminals are using.

How can you protect yourself?

Awareness: The best way to protect against phishing based Cyrptojacking is to incorporate it into your security awareness training to ensure that no accidents are made due to lack of employee awareness that could cost your company greatly.

Did you know that Xenace have created an interactive training platform called Phishwise that can identify your company’s susceptibility to phishing attacks and educate your employees on how to avoid such attacks? Visit our website or get in touch for more information.

Install Software: Employee training is effective against spurious links, but it won’t help with Javascript based attacks. As it is present on a lot of common websites, it is impossible to tell employees which websites not to visit. It is most effective to install an ad-blocking or anti-cryptomining extension on web browsers against an in-browser attack to automatically detect such scripts. Cryptojacking scripts are often mediated through ads on web pages, thus installing an ad blocker can be an effective means of stopping them. There is also specific software such as No Coin and MinerBlock which you can install specifically for this issue.

Manage and monitor browser permissions: If you identify a web page that is delivering Cryptojacking scripts, make sure your users are blocked from accessing it again. Some attackers are using malicious browser extensions or poisoning legitimate extensions to execute crypto mining scripts, so it is also a good idea to monitor your browser extensions too.

It is important to always keep up with the ever-evolving developments in cyber attacks, Cryptojacking is just the latest to educate yourself on. Keep up to date with our blog to find out all the latest ways that you can keep yourself and your business cybersecure.

 

 


Latest Tweets
Contact Details
  • London (Head Office)
    71-75 Shelton Street
    Covent Garden
    London, WC2H 9JQ
  • Phone: 0203 890 5533
  • Essex Office
    North Colchester Business Centre
    340 The Crescent, Colchester
    Essex, CO4 9AD
  • Phone: 01206 911 363
  • Kent Office
    Media House, 99-101 High Street
    Orpington
    Kent, BR6 0LG
  • Phone: 01689 493 366
  • Email: info@xenace.com
  • Monday - Friday: 8:30 am - 6:00 pm
    Saturday - Sunday: Closed
Get in Touch
© 2019 Xenace Ltd. Terms & Conditions | Privacy Policy