Cryptocurrency mining, also known as Cryptojacking is the latest trend in hacking where code is injected into web sites and is used to hijack the users’ CPU to mine cryptocurrency. This has been driven by a boom in the value of cryptocoins in general and is a way for hackers to make money.
It is now becoming a major threat to many corporations and infrastructure around the world. Recent attacks have been carried out against Tesla, UK and Australian government web sites and critical EU water utility infrastructure.
We take a look at what it is and how you can protect your device.
How Does Cryptocurrency Work?
Cryptocurrency is a digital currency. Unlike traditional currency it is not controlled by any government and is designed to be secure and anonymous. There are many types of digital currency. Many have heard of the original cryptocurrency, Bitcoin which started in 2009. However, it has spawned many others such as Ethereum, DigitalNote, LiteCoin and PotCoin among many others. Currently there are more than 900 different currencies.
The entire system is controlled through the use of cryptography and is designed to be decentralized and does not require any banks to process. The actual underlying process involves something called a ‘Blockchain’, which is essentially a shared document or ledger that records transactions between parties. The Blockchain is highly distributed across a network of computers and ensures that each transaction is authenticated securely and safely essentially replacing a traditional bank.
The Blockchain requires computing resources to perform the cryptography and verification of each transaction and this is run by miners. A miner is simply a computer or node. As payment for these services, miners are paid in digital currency. The first cryptocurrency miner that is able to validate the transaction is rewarded with a payment.
The payments are fractional amounts of currency based upon the number of transactions and the current market rate. This fluctuates dynamically based upon supply and demand. In the early days it was possible to make a small amount of money by performing these services. However, the rates are now so low (due to the number of miners involved) it is nearly impossible to make a profit, especially when you factor in the cost of equipment and power. In addition, specialized devices such as AntMiner, have been created for the sole purpose of mining, rendering standard desktop processors unviable. This has also been a boon for graphics processor companies like Nvidia and AMD who have started releasing cards developed specifically for cryptocurrency mining.
The Economics
The economics of mining are such that the single biggest cost involved is the power and CPU required to do the work. Due to the cost of power in different countries it makes sense to do mining where the cost of power is low. China has therefore emerged as the major player in mining and now performs over 80% of the workload.
Due to these economics it makes sense that if you can pool a group of computers to do the work on your behalf then you can effectively steal both electricity and CPU cycles and get paid without any expenditure. This is exactly what cyber criminals are doing.
Early attacks focused on infecting web servers, where they inject code into sites to do the mining. As the price of digital currencies has increased they have become more sophisticated and now infect individual machines as they visit web sites through advertising and other code injection techniques.
Protection Against Cryptomining / Cryptojacking
The best way to stay protected from these attacks is to ensure you have Cryptomining / cryptojacking protection on your device at all times. BlackFog provides a single option in the Network > Blocking section to ensure you are protected. This monitors all outbound connections in real time and ensures that there is no data transfer to any cryptomining site. Since this operates at the network layer it also blocks connections from other infected applications on your system.
Related Posts
Endpoint Data Loss Prevention: Protect Your Data Securely
What should firms keep in mind when looking for advanced endpoint data loss prevention tools?
The Johnson Controls Ransomware Attack – Impact and Key Insights Review
In September 2023, Johnson Controls International suffered a ransomware attack linked to the Dark Angels group, resulting in the theft of 27TB of sensitive data. The breach caused $27 million in losses and disrupted operations, highlighting the critical need for robust cybersecurity defenses.
The 2024 Vulnerability Crisis – Managing Cybersecurity Threats
Learn how organizations can meet the onslaught of cybersecurity vulnerabilities, along with five of the most common vulnerabilities and successful management strategies. Find out why there’s a new vulnerability every 17 minutes.
What is Data Loss Prevention? | A Complete Guide to DLP Security
Data is the most valuable asset today's businesses possess - and volumes are growing all the time. In this article we look at what data loss prevention means heading into 2025 and what should firms be doing to improve their capabilities?
BlackFog: Personal Liability Concerns Impact 70% of Cybersecurity Leaders
70% of cybersecurity leaders face personal liability concerns. Discover how it impacts governance, accountability, and cybersecurity practices.
Ongoing: New Ransomware Gangs in 2024
Ransomware gangs continue to break records and BlackFog will track all new ransomware gangs in 2024.