Cryptojacking on the Rise

Since 2013, companies have had one main thing on their minds when it came to IT security – ransomware – an exploitative attack that’s cost thousands of users countless hours and billions of dollars from which to recover.

In 2017, when the world was first hit by the famous WannaCry ransomware, users were required to send bitcoin to their attackers in order to unlock files. But after 200,000 computers were infected and only about $50,000 dollars was transferred, attackers have begun to rely on “cryptojacking” to cut the human element out of the process and have computers generate the money, all without us knowing.

What Is Cryptojacking?

Cryptojacking occurs when a computer is unknowingly manipulated to mine cryptocurrency that is then sent to the attacker. Using a complex algorithm, miners can be anyone who wants to use their own computer to process the algorithm. For their trouble, they’re given a percentage of the transaction.

Mining, though, can be expensive because of the electricity and equipment involved. This is where cryptojacking comes in. It can infect computers by either downloading malicious files that install malware, or by browsing to an attacker’s website where coins are mined through JavaScript, after which the attacker sends the currency to themselves. Depending on the type of cryptocurrency the attacker chooses to mine, this process can be completely untraceable.

Because of the nature of cryptojacking, most users may not even realize they’re infected with the malware, though two easy ways to tell are quick battery drainage and slower than usual performance. Even if the cryptojacking malware is discovered, however, it’s usually just removed and forgotten since no files were locked or money taken, as would be the case with ransomware. This is why there’s a much smaller chance of cryptojacking criminals being tracked down.

A computers CPU utilization after visiting a malicious cryptojacking website.

How Widespread Is Cryptojacking?

Cryptojacking is relatively new, but the attackers profiting from the malware are not. Most were previously ransomware bandits but switched because of the higher profit potential and diminished risk. According to Symantec, incidents of cryptojacking rose 8,500 percent in the fourth quarter of 2017 and 34,000 overall for the year. A majority of the infected websites were breached and had the malicious code inserted to the homepage. Frighteningly enough, there’s a good chance you’ve mined cryptocurrency for an attacker at one point or another.

Our Recommendations

Install add-blockers and anti-cryptomining extensions to your web browsers

These free extensions will alert you and stop the utilization of your computer to mine cryptocurrencies.

Scan with antivirus programs regularly

Most antivirus programs are now able to detect if your computer contains malware that is cryptojacking.

Keep an eye on the performance of your computer

If you notice a sudden drop of battery life or performance, close your browser tabs. If that resolves the issue, you may have inadvertently visited a cryptojacking website. If the issue is not resolved, you may have malware installed on your computer.

Visit https://cryptojackingtest.com/

Created by the browser Opera, this website will analyze your browser’s performance and let you know if it’s being affected by cryptojacking.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2023 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on
SEC Charges SolarWinds and CISO Timothy Brown For Misleading Investors
Think Before You Click: Fake Browser Updates are Back in Style
Protect Your Manufacturers: 3 Common Cyber Attack Methods to Watch Out for in 2023
Protect Your Students, Faculty and Staff: 3 Common Cyber Attack Methods to Watch Out for in 2023
Protect Your Retail Business: 3 Common Cyber Attack Methods to Watch Out for in 2023
Cybersecurity in the Construction Industry
Register to receive our weekly newsletter with our most recent columns and insights.
Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us
contact us
Pittsburgh

This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.

×