Announcing a Return to our Roots: The All-New Bitcoin Magazine
Verified on Po.et Created with Sketch. Verified on Po.et

Computer Users Face Growing Threat from Cryptojacking — Report

by

        National Cyber Security Centre reports computer users face growing threat from cryptojacking
National Cyber Security Centre reports computer users face growing threat from cryptojacking

Computer users now have one more thing to worry about: cybercriminals secretly tapping into your CPU or GPU to mine cryptocurrencies. Due to an ability to access your computer via a web browser, “cryptojacking” is on the rise, cautioned a British government agency.

“The technique of delivering cryptocurrency miners through malware has been used for several years, but it is likely in 2018-19 that one of the main threats will be a newer technique of mining cryptocurrency which exploits visitors to a website,” the U.K.’s National Cyber Security Centre (NCSC) wrote in its annual report on April 10, 2018.

Some History

While other types of malware have to find a way to trick you into downloading software, in-browser cryptojacking malware doesn’t require you to install a program. Instead, hackers infect a website or an online ad with JavaScript code that auto-executes once it loads in your browser. The cryptomining code then does its job in the background while you continue using your computer as normal. A lag in performance may be the only clue that a computer has been compromised.  

Cryptojacking took off in September 2017 when Coinhive published a JavaScript miner that could start mining the ASIC-resistant cryptocurrency Monero (XMR) after a webpage loaded. “Your users run the miner directly in their browser and mine XMR for you in turn for an ad-free experience, in-game currency or whatever incentives you can come up with,” Coinhive says on its website.

Shortly after, popular torrent download site Pirate Bay incorporated Coinhive as part of a new monetization scheme that would replace the advertisements that normally keep the site afloat. “We really want to get rid of all the ads. But we also need enough money to keep the site running,” Pirate Bay said in a blog post on September 16, 2017.

During the latter part of 2017, Coinhive clones started popping up left and right. Hackers  even found ways to inject the scripts into popular websites like Politifact.com and Showtime unbeknownst to the site owners. Today, the internet is rife with in-browser miners.

Global Problem

As pointed out in the NCSC report, in December 2017, Check Point revealed that 55 percent of businesses globally were impacted by cryptominers. “Popular websites are likely to continue to be targets for compromise, serving cryptomining malware to visitors, and software is available that, when run in a webpage, uses the visiting computer's spare computer processing power to mine the digital currency Monero,” the NCSC says.

The report also points out that in February 2018, over 4,000 websites worldwide, including many government ones, were affected by the cryptojacking script. The problem was eventually traced to a website plug-in called Browsealoud, used to help blind and partially sighted people access the web.

Using an ad blocker or antivirus program with features that block browser mining is the best way to prevent crypto hijacking, the report advised. (There's also a Chrome extension called No Coin that blocks cryptocurrency miners like Coinhive.)

Recommended

Another Cryptocurrency Exchange Hack Hits Japan [UPDATED]

The hacker siphoned off 4.5 billion yen from user accounts and 2.2 billion yen from the company’s own assets. The three virtual currencies stolen include bitcoin, monacoin and bitcoin cash.

Amy Castor

BitConnect's Alleged Ringleader Arrested in India: Local Reports

Divyesh Darji, the alleged leader of BitConnect’s Asian team, was arrested this Saturday, August 18, 2018, in the Delhi airport by the Gujarat Criminal Investigation Department (CID).

Colin Harper

This Crypto Scam Botnet Consists of Over 15,000 Separate Bots

Researchers at Duo Labs have discovered that Twitter is home to at least 15,000 scam bots and have published their findings in a new report.

Nick Marinoff

South Korean Bithumb Exchange Loses $30M in Latest Cryptocurrency Hack

The exchange states that due to the hack, deposits and withdrawals will be temporarily suspended until further notice.

Jimmy Aki