Cryptojacking — hidden mining on your device

Cybercriminals are inventing increasingly sophisticated ways to steal cryptocurrency, ranging from social engineering (SE) scams to the development of malicious software, with the help of which criminals "infect" victims' devices.

One of the standard methods used by attackers to illegally obtain funds is cryptojacking.

What is cryptojacking?

Cryptojacking is the installation of hidden mining software on a victim's device. In fact, the term "cryptojacking" means the "hijacking" of the victim's device's computing resources.

It should be noted that during cryptojacking, attackers can, without the owner's knowledge, infect not only victims' desktop and laptop computers but also their mobile devices.

Malware for cryptojacking can be distributed in several ways:

• Exploiting vulnerabilities (exploits) in the operating system (OS) itself, its individual components, or applications;
• Infected phishing websites contain malicious software. The danger of phishing sites lies in the fact that they can run cryptojacking scripts without requiring any software download.
• "Pirated" programs. Viruses are often distributed through cracked software downloaded, for example, via torrent trackers or other web resources.
• Email, as well as private and public chats. For example, an attacker may offer a user a solution to their problem, but instead of a helpful tool, send cryptojacking software.
• Through malicious advertising, which may, for example, offer software for earning cryptocurrency.

Cryptojacking does not go unnoticed for the user, and in addition to slowing down the device, the victim may face the following problems:

• Rapid wear or failure of device components such as random-access memory (RAM), central processing unit (CPU), and graphics card (GPU);
• Increased electricity consumption requires higher financial costs.
• Increased internet traffic consumption affects download speed.

Moreover, the more powerful the device or network, the more significant the negative consequences of cryptojacking will be.

Ways to detect cryptojacking

There are several ways to determine whether a user has become a victim of cryptojacking. One of the most straightforward and most apparent is inspection.

The first sign of cryptojacking is a sharp decrease in the performance of a computing device without objective reasons. If the user notices a significant slowdown in the device's operation, it should be checked for the presence of hidden miners.

An additional marker for detecting cryptojacking may be unjustified bugs in the operating system and frequent "freezes" caused by conflicts in program execution and overload of computing resources.

Cryptojacking may also be indicated by high processor temperature and the appearance of new, unknown processes in the task manager or resource monitoring panel. For laptops, apparent signs of cryptojacking may include loud noise and device overheating.

How to protect yourself from cryptojacking?

Timely software updates

First, to protect against cryptojacking, software updates should be installed promptly, as they may contain fixes for critical vulnerabilities.

Using only licensed products

Avoiding pirated software will significantly reduce the risk of becoming a victim of cryptojacking. Attempting to save money on unlicensed software can result in much greater costs in the long term.

Monitoring computing resources

Built-in monitoring tools in Windows, macOS, and Linux operating systems allow detecting processes that heavily load devices. However, not all cases of cryptojacking software can be removed with standard tools, so that specialized software may be required.

Using antivirus software

Antivirus programs regularly update their threat databases, allowing them to promptly detect malware, including cryptojacking software, and eliminate the potential negative consequences of its installation on the victim's device.

If cryptojacking is suspected, a whole device scan should be performed using antivirus software.

Visiting trusted websites

Trusted websites appear at the top of search results and, in some systems such as Yandex, are also marked with a "blue checkmark." Phishing sites are often found in advertising listings.

You should also avoid visiting phishing websites, whose addresses are often distributed via email and in private and public chats on messengers.

Do not download files from unverified users

If a stranger sends you a file in a chat, it is better to avoid downloading it, as it may contain cryptojacking malware.

Using anti-phishing protection tools

The risks of landing on malicious websites and cryptojacking attacks can be reduced with the help of special anti-phishing tools, such as:

• MetaMask, Trust Wallet, and Trezor wallets with built-in anti-phishing protection;
• Browser plugins Netcraft and Bitdefender;
• Specialized phishing detection services BI.ZONE Digital Risk Protection and Check-Point Antifishing.

Built-in anti-phishing protection is also present in well-known browsers such as Chrome, Safari, Opera, Mozilla Firefox, and Yandex Browser.

Additional tools

Some special plugins and firewalls block cryptojacking scripts. These include Miner Block and No Coin for Chrome, CryptoMining Blocker and NoScript for Firefox, and NoCoin for Opera.