The rise of cryptojacking
There is a rising trend called crytptojacking. The bad guys are taking advantage of your computer, phone, or servers on the internet to run huge calculations. These are used to mine cryptocurrency. These can then be exchanged for tangible currency. Some predict that the trend is rising so quickly that it may overcome ransomware as the defacto profit center for cyber criminals.
The creativity of these attacks simply amazes me. It goes to show that attackers are actively finding new ways to make a dollar or two… million.
Cryptocurrency
A little background on crytpocurrency. This is a purely digital currency, with real value, such as Bitcoin, Litecoin, or Monero. You’ve probably already heard this in the news. There are some benefits such as a decentralized non-government control and anonymity. A related term to these currencies is blockchain. This is the public transaction database that keeps the system functional for everyone. The blockchain prevents you from spending the same Bitcoin twice, for example. It is a very elegant solution to keeping the system honest.
Cryptocurrencies aren’t inherently “good” or “bad.” Any form of currency can be obtained through less than honest means or spent on equally dishonest ends. With some effort, they can be nearly 100% anonymous. Services such as coinbase.com can exchange any cryptocurrency to just about any tangible government-backed currency you like. For example, one Monero is worth approximately $300 US today. one Bitcoin has fluctuated wildly between $1000 to over $17000 in 2017.
Cryptocurrencies are “mined” or generated on a computer, powerful server, or many computers in parallel. A miner essentially helps to validate transactions in the blockchain. The miner is rewarded for this work. Powerful hardware and equally enormous amounts of energy are necessary for this task. As time goes on, it takes longer and uses more energy to mine the same value. As a recent article points out, In November of 2017 the entire Bitcoin ecosystem’s energy consumption was greater what Ireland uses!
Cryptocurrency mining rigs have only one purpose and do not resemble a typical computer.
Cybercriminals looking to make a profit obviously don’t want to pay for the hardware and electricity to mine. They have found several unscrupulous ways to accomplish this mining at the expense of others. Let us explore a few.
Botnet crytpojacking
A botnet is a (large) number of hijacked computers under the control of a botmaster. These are routinely used to send spam messages. A new use is to mine cryptocurrencies. One such botnet, called Smominru, has infected over 500,000 Windows computers and makes its operators around 24 Monero per day (est. $8500 US).
Web server cryptojacking
This involves a more sophisticated attacker planting mining malware onto web servers. While a visitor is on that website, their computing power is used to mine for the benefit of the attacker. Some websites have millions of visitors per month, so this scales exceptionally well.
Some websites give visitors an option to view ads or mine cryptocurrency. That’s a legitimate choice, and one that may become more popular. This such attack isn’t legitimate: the website owner or the visitors have given consent; and that’s the problem.
A few other methods are a bit less popular. A group of Russian nuclear engineers “borrowed” a supercomputer to mine. Of course, not everyone has a supercomputer laying around. If you do… well, maybe mining isn’t the best use of it.
Future of mining cryptocurrency
Huge profit can be made by stealing the computing resources (and electricity) of millions of users. The pattern is mostly in scaling up to vastly enormous number of victim machines. A growing number of such devices are being connected to the internet. We’re talking millions daily! These are the “Internet of Things” (IoT) devices like security cameras, speakers, smart home products, appliances, and vehicles. Though they have less power to exploit, there’s simply a larger number of them. I think cyber criminals will learn to exploit these in volume.
Protecting yourself from cryptojacking
For now, it’s fairly simple to protect yourself. Use an ad blocker such as Ublock Origin or AdBlock Plus. These are simple to install in any browser, desktop, laptop, or phone-based. Just look in the add-ons store for your favorite browser.
Though there are some ethical considerations on how the website owner plans to pay for their investment. The explosion of malicious ads (and now, cryptojacking) forces us to defend ourselves.
Please subscribe below for updates on new postings. Thanks for reading!