The Rise of Cryptojacking

16 May The Rise of Cryptojacking

Nature, and apparently cyberspace, both abhor a vacuum. Thus, while the number of ransomware attacks have dropped significantly in 2017*, there’s a new “kid” on the cybersecurity block, and that kid’s name is cryptojacking.

What’s cryptojacking?

Cryptojacking is the unauthorized use of someone’s computing device to mine cryptocurrency. And, according to a recently published report from Symantec the instances of cryptojacking increased by some 8,500 percent in the fourth quarter of 2017.

How can someone use your device to mine a cryptocurrency without your permission and without your knowledge?  It turns out to be incredibly easy!

One method is to use an in-browser cryptojacking script that exploits JavaScript. JavaScript happens to run on most websites.  When you visit those websites the JavaScript code can run without being installed on your computer.  The page loads, the code runs, and the crypto mining begins.

Another method uses traditional phishing tactics to get targets to download malicious code to their machines which then hijack computing power to perform valuable, yet hard to detect, cryptomining work.

Some cryptojacking activities involve using virtual machines on a host organization’s network without permission or using personal devices on a host organization’s power grid.  In the first case, the host organization pays for the computing power used, and in the latter case, commonly seen on college campuses, the organization is supplying free power to its’ resident cryptominers without its’ knowledge or consent.

Difficultly of detection is one of the reasons cryptojacking has become so popular. Throw in the ease of deploying a cryptojacking campaign and the rapidly increasing value and variety of various cryptocurrencies, and you end up with a perfect storm of incentives for cryptojackers.

In our next post we will look at ways to detect and prevent cryptojacking on your devices and networks. Until then, stay secure!

* The SonicWall Capture Threat Network detected 183.6 million ransomware attacks in 2017. This marked a 71.2 percent drop from the 638 million ransomware attack events SonicWall recorded in 2016. Source: 2018 SONICWALL CYBER THREAT REPORT 

Mark Shriner is Director of Business Development for adaQuest a Microsoft Cybersecurity & Compliance partner with offices in Bellevue, Washington, Tokyo, and Sao Paulo.