Computer Users Face Growing Threat from Cryptojacking — Report

Computer users now have one more thing to worry about: cybercriminals secretly taping into your CPU or GPU to mine cryptocurrencies. Due to an ability to access your computer via a web browser, “cryptojacking” is on the rise, cautioned a British government agency.

“The technique of delivering cryptocurrency miners through malware has been used for several years, but it is likely in 2018-19 that one of the main threats will be a newer technique of mining cryptocurrency which exploits visitors to a website,” the UK’s National Cyber Security Centre

https://www.ncsc.gov.uk/

(NCSC) wrote in its annual report on April 10, 2018.

Some History

While other types of malware have to find a way to trick you into downloading software, in-browser cryptojacking malware doesn’t require you to install a program. Instead, hackers infect a website or an online ad with JavaScript code that auto-executes once it loads in your browser. The cryptomining code then does its job in the background while you continue using your computer as normal. A lag in performance may be the only clue that a computer has been compromised.  

Cryptojacking took off in September 2017 when Coinhive published a JavaScript miner that could start mining the ASIC-resistant cryptocurrency Monero (XMR) after a webpage loaded. “Your users run the miner directly in their browser and mine XMR for you in turn for an ad-free experience, in-game currency or whatever incentives you can come up with,” Coinhive says on its website.

Shortly after, popular torrent download site Pirate Bay incorporated Coinhive as part of a new monetization scheme that would replace the advertisements that normally keep the site afloat. “We really want to get rid of all the ads. But we also need enough money to keep the site running,” Pirate Bay said in a blog post on September 16, 2017.

During the later part of 2017, Coinhive clones started popping up left and right. Hackers  even found ways to inject the scripts into popular websites like Politifact.com and Showtime unbeknownst to the site owners. Today, the internet is rife with in-browser miners.

Global Problem

As pointed out in the NCSC report, in December 2017, Check Point revealed that 55 percent of businesses globally were impacted by cryptominers. “Popular websites are likely to continue to be targets for compromise, serving cryptomining malware to visitors, and software is available that, when run in a webpage, uses the visiting computer’s spare computer processing power to mine the digital currency Monero,” the NCSC says.

The report also points out that in February 2018, over 4,000 websites worldwide, including many government ones, were affected by the cryptojacking script. The problem was eventually traced to a website plug-in called Browsealoud, used to help blind and partially sighted people access the web.

Using an ad blocker or antivirus program with features that block browser mining is the best way to prevent crypto hijacking, the report advised. (There’s also a Chrome extension called No Coin that blocks cryptocurrency miners like Coinhive.)