Analysis: we can stop criminals engaged in cryptojacking using our computers by carefully monitoring the computer's performance
By Mubashir Husain Rehmani, MTU
You may have heard about airplane hijacking, but what if your computer is hijacked? Yes, this is possible, and it's known as cryptojacking. The Department of Justice and Equality has highlighted cryptojacking as an emerging and pervasive threat.
It's basically a cyber-attack where criminals use your computer without your permission for cryptocurrency mining and earning money. The strange thing is that you own your computer, you pay for the electricity it consumes, and someone out there in the world without your permission not only use your computer but also degrades its performance and earns money.
We need your consent to load this rte-player contentWe use rte-player to manage extra content that can set cookies on your device and collect data about your activity. Please review their details and accept them to load the content.Manage Preferences
From RTÉ Radio 1's Brendan O'Connor Show, Detective Chief Superintendent Pat Lordan, Lead Officer at the Garda National Economic Crime Bureau on the use of cryptocurrency as part of scams
So what is cryptojacking all about? How can you detect it? How did these criminals make so much money out of it? Can we unknowingly become a victim of cryptojacking? Could cryptojacking be used as a new business model as an alternative to advertising?
Let’s start with cryptocurrency mining. Cryptocurrency mining can be done in many ways. You can perform mining from your own computer or mobile phone, but the chances of making profit this way are almost negligible. The second way is to make your personal computer part of a mining pool to earn some profit. The third method is bit tricky and it's where cyber criminals secretly use someone’s computer to perform cryptocurrency mining and earn the profit.
Why do criminals use cryptojacking?
The reason is simple: the financial gains they achieve in terms of mining reward are enormous. It cuts out the cost of buying, maintaining, and running cryptocurrency mining hardware. A simple mining device costs around €6,000 and the entire container of such mining devices can cost up to €100,000. Cryptojacking makes investment and operational costs negligible, making this business a safe haven for the cyber criminals.
From BBC Click, is your computer safe from the cryptojackers?
Compared to other cyber-attacks, cryptojacking is more attractive to cyber criminals because cyber security companies and organisations focus more on countering cyber-attacks like ransomware. Cryptojacking may seem harmless compared to other cyber-attacks but a computer user suffers as a result. There is a decrease in the computer’s performance and it may cause overheating of their hardware (if cryptocurrency mining is done extensively), while the user either loses their entire data or must pay a ransom in other cyber-attacks.
How does cryptojacking actually happen?
It can be done in various ways. For instance, the criminal can gain access through your computer browser (Google Chrome, Internet Explorer or Firefox), Android applications, third-party libraries, browser extensions, routers or even botnets. Browser based cryptojacking is the most popular: the longer the user's browser is open, the longer the crypto-mining script will run, and the computer will be engaged in the cryptocurrency mining process.
It starts when a cryptojacking script is placed on a website. When a user visits the website, a computing script runs in the background, which checks the visiting user's computer to identify its operating system and how many CPU cores are available.
After checking the user's computer, the cryptocurrency mining payload is downloaded to the user's computer from an external computer server or from the same website and the user's computer is connected to the mining pool's server. Finally, the user’s computer completes the cryptocurrency mining tasks and the required hashes are uploaded back to the mining pool using web sockets.
How do I stop someone else using my computer?
One way to avoid cryptojacking is to disable all JavaScript applications on your computer's web browser. This will result in the cryptocurrency mining session ending. Another way is to see how many processes are running in your computer through the task manager and how much CPU processing power they are using and then kill the unnecessary or suspicious processes. A third important method to avoid Cryptojacking is to install Malwarebytes software on your computer, which will help you in protecting against all such malware and it can alert you which websites are risky to visit.
Cryptojacking is also emerging as an alternative to advertising. Instead of using different advertising campaigns such as banner ads or pay-per-click ads, website owners are using cryptojacking scripts to make profit by using regular website visitors. This is a grey area in terms of consumer rights legislation and general users may not be aware of technical details even if the permission has been given when the user accepts cookie notices without reading them in detail.
Cryptojacking is theft and it's illegal in the same way as someone sitting outside your home uses your wi-fi or electricity without permission. If we know that criminals are using browser-based cryptojacking and it results in increased CPU utilization, we can at least detect such activity by monitoring the performance of our computer. Awareness is the key to counter new threats and cyber-attacks.
Dr Mubashir Husain Rehmani is a Lecturer in the Department of Computer Science at Munster Technological University (MTU)
The views expressed here are those of the author and do not represent or reflect the views of RTÉ
