Zoom
Trash
Source -
https://medium.com/coinscapture/know-everything-about-cryptojacking-28ae5f75a015
Getting robbed for Fiat currency is the common attack encountered by most of the individuals in this world. Surprisingly, these days hackers have become advanced, now they also steal computing power along with fiat currency. Have you ever heard of this? This kind of robbery is termed as “Cryptojacking”. In other words, Cryptojacking is an attack that includes robbing the target’s computational power without his/her consent in order to mine cryptocurrency. It can also be termed as “Cryptomining malware or Coinjacking”. Cryptojacking has been noticed since August 2017 but eventually geared up the speed at the rate of 8500% by December 2017.
Mining cryptocurrency requires expensive computer devices, graphic cards and special software for solving complex math puzzles for gaining a small amount of cryptocurrency. Mining is directly proportional to the number of devices working i.e. more the number of working devices more faster is the mining speed. Thus, it makes the process tricky, time-consuming, requiring a lot of computing power and a costly endeavor. For this reason, to make the mining an easy and cheap process, hackers have adopted Cryptojacking i.e. the misuse of the target’s device to mine, generate new tokens along with fees and charges. The hacker keeps the new tokens and fees generated while the expenses that have occurred is been taken from the victim unknowingly.
How is Cryptojacking done?
Cryptojacking is achieved from malicious activities or some hidden code in the browser that runs undetected. The cryptojacking scripts do not harm the data stored in the computer but they cause the computer to operate at a much slower rate. Browser-based and Drive-by download are two methods of cryptojacking. In both the methods, the code solves complex mathematical problems and the results are sent to the hacker’s server and the victim remains unaware.
Browser-based Cryptojacking:
In this method, a crypto-mining script (JavaScript) is injected on a website or an advertisement and places on multiple websites. When such infected websites or ad is visited or clicked by the victim, the JavaScript executes. The more pages or ads you load the more mining code runs secretly along with stealing most of the CPU processing power. Zcash and Monero permit mining with CPU as they are privacy-focused, anonymous and difficult to track the illegal movement.
2. Drive-by download Cryptojacking:
In this method, on the basis of phishing tactics malicious links are sent through emails or SMS. When the infected link is clicked by the victim, the code runs which downloads the crypto-mining script on the computer. This script continuously runs in the background without the consent of the victim.
How to detect cryptojacking?
There are specific network monitoring tools that help in detection. Apart from that, there are some red flags that indicate cryptojacking:
How to curb down Cryptojacking?
Real-world Cryptojacking Attacks:
Cryptojacking can be an easy money making scheme that doesn’t harm or steal files stored on the computer. But, it is highly recommended that every user must know about these attacks and be cautious to prevent such attacks by following the above-mentioned recommendations.