Security

Have You Been Cryptojacked?

Hidden in the thicket of JavaScript, a permission-less browser-based mining script may be  patiently waiting to exploit your CPU resources — and you wouldn’t even know it. It’s called cryptojacking and the threat is on the rise. Here’s what you need to know to help prevent it.

What is Cryptojacking?

Cryptojacking is the secret, unauthorized use of your computer or network to mine and mint cryptocurrency. There are two common ways for the script to get onto your computer:

  • Through a traditional phishing attack in which a user clicks on and opens a link that activates the script. It then installs the code locally on the user’s PC or device and runs in the background.
  • The other method (known as drive-by cryptomining) requires no permission and is executed at the browser level when a hacker inoculates the malicious script into a website or through featured popup ads that execute simply by loading the website.

Once on your computer, the malicious code then utilizes your CPU and GPU resources to solve vastly complex mathematical problems that the hacker uses to mine cryptocurrency.

What’s unique about this threat is the hackers in this niche are not looking to extort large corporations for a big payday or demand large ransoms. Nor are they interested in your personal or company info. Instead, they want to siphon your CPU resources. They also prefer to infect a large number of smaller users because this group is less likely to even realize they are under attack.

What are the Symptoms of Cryptojacking?

There are two main symptoms to be aware of. If you are an individual or a small LAN,  look for a decrease in CPU performance similar to the RAM drain of having 30 Chrome tabs open and not refreshed for three days. Another symptom is a noticeable increase in your electricity bill.

The bigger your organization, the more damage this code can cause including:

  • Loss of productivity and a decrease in overall computing resources.
  • A substantial increase in utility or power costs.
  • Additional costs for forensics and bare metal solutions to solve an issue outside of the normal internal IT scope of work.

How to Prevent Cryptojacking

Big pains can come from small infections if not treated in time, so prevention is critical. To protect your company and keep your systems and data safe, view the following links for information, recommendations, and procedures that will help you sleep more peacefully at night knowing you have a good defense in place.

If you have questions about cryptojacking or need other security tips, contact EXP Technical today.