Your computer or mobile device might be helping criminals crank out thousands of dollars in online currency, and you wouldn’t even know it. A new hacking tool known as cryptojacking is on the rise, and it threatens to secretly use your computer or mobile device to generate online money for cybercriminals.
With that in mind, cryptojacking is the unauthorized use of a computer, tablet, mobile phone, or connected home device by cybercriminals to mine or help create cryptocurrency. For those not familiar with this fairly new terminology, cryptocurrency is a form of digital currency that can be used in exchange for goods, services, and even real money. Users can “mine” it on their computer by using special programs to solve complex, encrypted math equations in order to gain a piece of the currency.
Well, cryptocurrency can be time- and energy-intensive, making it hard to turn a profit without a large operation or a cheap source of power. And so, with cryptojacking, hackers are essentially making their victims’ computers do all the work for them. They secretly force thousands of computers and mobile devices to solve math problems in the background, then have the resulting cryptocurrency sent to their own digital wallet. Each computer generates only a small amount of revenue, but their combined efforts can mean big bucks for cybercriminals.
Experts say it’s tough to spot a cryptojacker because it operates like a parasite, siphoning just enough computer resources to remain unnoticed. Victims might notice their computer fan speeding up when a cryptojacker is operating, because it’s using up more of the devices resources. Also, you find your device or computer running very slow or sluggish or you notice your computer overheating.
There are a few ways cryptojacking can occur. One of the more popular ways is to use malicious emails that can install cryptomining code on a computer. This is done through phishing tactics. The victim receives a seemingly harmless email with a link or an attachment. Upon clicking on the link or downloading the attachment, it runs a code that downloads the cryptomining script on the computer. The script then works in the background without the victim’s knowledge.
Another known way is from a website through your web browser. In this method, hackers inject a cryptomining script on a website or in an ad that is placed on multiple websites. When the victim visits the infected website, or if the malicious ad pops up in the victim’s browser, the script automatically executes. In this method, no code is stored on the victim’s computer.
Experts say to use a strong internet security software suite such as Norton or McAfee Security which can help block cryptojacking threats.
In addition to using security software and educating yourself on cryptojacking, you can also install ad-blocking or anti-cryptomining extensions on web browsers for an extra layer of protection. As always, be sure to remain wary of phishing emails, unknown attachments, and dubious links.