Cryptojacking- A New Opportunity for Cybercriminals

To better understand the concept of cryptojacking, the most used and the important concept of Mining in cryptocurrency should be known.

What is Mining?

Crypto currencies are digitalized assets used as a mode of financial transaction using blockchain technology, which is suited to manage digital ledgers over distributed network nodes. Mining refers to the validation of the transactions of these cryptocurrencies, which require hardware such as ASICs (Application specific integrated circuits), FPGAs (Field programmable gate array), GPU (Graphics processing unit) with huge computational power to run the complex algorithms. Miners play a vital role in ensuring the authenticity of the data by solving complex mathematical problems to anticipate each block and subsequently approving the transaction that is updated as a completed deal within a blockchain framework. Whenever a successful transaction is processed, miners get rewarded in the form of new cryptocurrencies. With increasing number of transactions, blockchain gets bigger and due to this there is a need for miners to upgrade the computational power of the mining hardware continuously.

Cryptojacking:

Definition: cryptojacking is a type of cyber-attack in which the hackers uses the victim’s computer in an unauthorized way to mine the cryptocurrencies.

The hackers manipulate the victim’s systems or device to validate the cryptocurrency transactions and create new cryptocurrencies which is diverted to the digital wallets of the hackers, while the overall cost incurred for the transaction including system maintenance costs and power consumption is beard by the system owner.

Hackers use various methods including malicious links and sent in an email which loads the crypto mining code on the victim’s computer or by inserting the code into the website and affecting the visitors or by infecting the online advertisements with the JavaScript code which will auto execute as soon as its loaded in the victim’s browser.

Cybercriminals are using cryptojacking as an alternative to ransomware as it needs the minimal cost for the hackers. In one of the research it was found that in November 2017, 33,000 of websites were running crypto mining scripts and it was estimated that those sites had a monthly visitor of around Billions. Cryptojacking are mostly undetected which enables the malware developers or attackers to utilize the hacked system as long as they need to mine cryptocurrencies.

Some of the Recent Examples of Cryptojacking Attacks:

Quick heal technologies detected around 3 Million of cryptojacking hits from January to May 2018.

February 2018 saw two cryptojacking attacks that were:

  • A Spanish cyber security firm, Panda stated that a cyrptojacking script named as “WannaMine” had been spreaded to the computers worldwide and was used for cryptocurrencies mining. This malware was used for mining “Monero”
  • Coinhive script was inserted into the software’s of 1000’s of government websites in the US, UK and Australia which allowed the hackers to mine the “Monero” cryptocurrency using the visitor’s browsers.
  • Recently it was revealed that the Tesla Inc. was the victim of cryptojacking, when the attackers hacked its Amazon- cloud account and were using it to mine the cryptocurrency.

Conclusion:

Cryptojacking may appear to be less damaging form of cyber-attack as it does not demand for any ransom amount or encrypt the data, but unlike other malwares, cryptojacking is difficult to detect and thereby creating a safer bet for hacking into systems than ransomware. With this form of cyber-attack there is an increasing need for the advancements in End-Point security.

Sonam Chawla,
Research Analyst(ICT),
Infoholic Research