Our last blog post on this examined what Cryptocurrencies, Cryptomining, Blockchains, and Cryptojacking are all about. In this post, we examine how a Cryptojacking attack is launched.
How a Cryptojacking Attack is Launched
Due to the return (return on investment – ROI) that is associated, the cyber attacker now wants to gain their foot into this game, and become cryptominers themselves, but of course illegally.
However, keep in mind, there are very complex mathematical problems to solve in order for the miner to be rewarded. This, of course, takes a lot of computing and processing power.
The cyber attacker doesn’t want to spend the money in terms of procuring the extra hardware to do this, so as the above definition states, he or she will hijack your computer.
From there, steal the processing power as well as the electricity in order to mine the Cryptocurrencies.
You may be asking at this point: “How can they do this to your computer?”.
It’s quite easy actually.
All they have to do is send you a phishing like email, which contains a malicious link or attachment. Once you have fallen victim to this, a specialized cryptomining code is then installed onto your computer or even mobile device.
But what is even stealthier is that even if you visit a website, there could be infected pieces of Java source code running behind the site you are viewing.
From there, the cryptomining code can then be covertly loaded onto your computer.
At this point in the game, the Cryptomining code is now technically malware.
However, the problem with this new malware is that it is very difficult to spot on your computer, and can be installed and deployed in a very sneaky manner.
In these instances, the cyber attacker is not just exclusively targeting computers and wireless devices, they will go after anything that will give them free electricity.
This includes servers, routers, cable modems, firewalls, network intrusion devices, etc.
It’s also important to keep in mind that there is no specialized package that the cyber attacker has to deploy onto a device – the malware is just a few lines of infected source code, and as a result, this makes it all the more difficult to detect.
Due to the extremely low amount of overhead that is required on your devices, and its sneaky nature, the rise in cryptojacking has increased significantly.
For example, McAfee has just discovered almost 3 million new cases of it, which is a staggering 629% increase from 2017.
So, what are some of the telltale signs if your computer has been hijacked for the purposes of cryptojacking? Here are some clues:
> Slowdown in the speed of your computer;
> Very slow load times when trying to connect to the Internet;
> A slow increase in your electricity bill.
Our next blog post on this subject will examine how to protect your cloud based infrastructure from a cryptojacking attack.