With the ongoing COVID-19 pandemic, cybercriminals have been busy targeting public and private networks as well as collaborative platforms. This has resulted in an enormous increase in cyberattacks such as ransomware and cryptojacking. Individuals and organizations are falling short of the budget requirements and resources to fight back. Even worse, many individuals and organizations are not taking the steps necessary to safeguard themselves and their computing resources from cyberattacks.
With increased demand and the surge in value for Bitcoin and other cryptocurrencies, hackers around the globe started cryptojacking to steal someone else’s computing resources to perform cryptomining. We saw a decline in cryptojacking when the prices of cryptocurrencies were falling last year. But with Bitcoin hitting an all-time high of more than $63,000 today, and other cryptocurrencies also hitting all-time highs this year, it is no surprise cryptojackers are reloading and revamping their malware and attack arsenal.
Cryptojacking: What is it?
As the name suggests, cryptojacking is essentially hacking into personal and business computers, laptops, smartphones, and other computing devices to force the devices to do cryptomining. Attackers use phishing emails or weblinks to transmit malicious code to victims’ computers to gain access and control the resources and computing capabilities. Attackers can also victimize users through online ads containing malicious scripts that auto-execute once loaded in the browser. Victims of cryptojacking often do not even realize their devices are hacked and are performing unauthorized tasks.
How does it work?
Cybercriminals can use any traditional means of cyberattack to hack into systems for cryptojacking. However, among all the methods available, hackers have been primarily using two means of cryptojacking to secretly use victims’ computers and processing power to mine the cryptocurrencies. One way is to deliver the malicious payload using traditional phishing tactics. In this method, attackers send legitimate-looking emails to multiple users. When a user clicks on the link in these emails, the code designed to mine for cryptocurrencies is transferred to the user’s system. The other most commonly used method for cryptojacking, one that is being used on a larger scale, is to develop malicious browser plugins or ads and deliver them to multiple websites. Whenever one of these infected ads or popups of a website loads in a system’s browser, that system is then enslaved by the attackers for cryptomining.
Irrespective of the method, the malicious script residing in the victim’s computer runs in the background without the user’s knowledge. The code runs all the complex mathematical operations needed to perform the mining, and the extracted results are sent to a server managed by the attackers. Unlike most other cyberthreats, cryptojacking scripts do not damage, steal, or corrupt the user’s data or the systems. However, they do steal and consume a considerable portion of the CPU’s resources to perform the cryptomining.
Cryptojacking: COVID-19 repercussions
Growing remote tools
With companies switching to remote work policies, most employees are now using several collaboration platforms for their everyday activities. Meanwhile, organizations are integrating these third-party collaboration tools such as Microsoft Teams and Zoom with their internal systems and providing access to their data. With the growing usage of these tools, many fake malicious meeting invitations are spreading rapidly. Many individuals and organizations have reported these incidents, which could lead to cyberattacks such as phishing, ransomware, and cryptojacking, among others.
According to a report by Europol conducted to study European cybercrime, a large number of adults working remotely will be more vulnerable to cyberattacks and in jeopardy of losing their personal information to cybercriminals. With almost all schools and colleges switching to remote learning and teaching methodologies, at least in part, even children are being victimized by cybercriminals.
Lack of enterprise-grade tools and security
With the growing remote work culture, employees often use their professional and personal computers and other devices for work purposes, which adds to the vulnerability of these devices and puts the company they work for at risk. The lack of effective enterprise-grade firewalls, antivirus solutions, and network security solutions for remotely working employees is eating away at organizations as cyberattacks increase.
Safeguarding against all these vulnerabilities and patching these devices on the edge remotely is a very complex job for IT admins — let alone the individuals using the devices. Several SMBs have fallen prey to cryptojacking, ransomware, phishing, and other forms of cyberattacks due to their inability to keep up with the growing security trends.
Insecure data transmission
With the ongoing pandemic, many individuals are using insecure data transmission channels to transmit personal and organizational data. Using an insecure, unencrypted means of network communications has always been a major cause of cyberattacks, including cryptojacking. These loopholes are exploited by cybercriminals to potentially sniff, steal, corrupt, or even damage the data, as well as to hit the network and the devices in use with cryptojacking or ransomware.
Detecting cryptojacking and fighting back
Despite the best efforts in securing systems, any company or individual can be victimized by cryptojacking. What makes it worse is that cryptojacking is very difficult to detect. Most antivirus products and firewalls scan and search for malware using their signature-based detection mechanisms. Cryptojacking, on the other hand, does not lend itself to signature-based detection, making it difficult to detect.
No matter how secure your systems are or how strong your cybersecurity team is, nothing can guarantee 100 percent protection against cryptojacking. If you are hit, there are ways you can fight back against this malicious payload on your systems. Deploying network monitoring and device monitoring solutions can be very effective in detecting any abnormalities. For anyone working remotely, using a VPN service to protect network transmissions and using web-filtering tools also play a vital role in protecting against cryptojacking. Every individual needs to monitor their devices’ performance and keep an eye out for unusual performance spikes or system throttling to detect cryptojacking.
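The advice above on watching devices for unusual performance spikes can be turned into a simple check. The following is an added example, not code from the original article: it flags processes whose CPU usage stays high across consecutive samples, which separates the steady load of a background miner from short bursts of normal work. The process names, the 80 percent threshold, the five-sample window, and the sample data are all constructed assumptions.

```python
from collections import defaultdict

def build_constructed_samples():
    """Constructed (minute, process, cpu_percent) rows; not real telemetry."""
    rows = []
    for minute in range(12):
        # Hypothetical process names: a short burst, a bounded job, a steady load.
        rows.append((minute, "browser", 95.0 if minute in (3, 4) else 15.0))
        rows.append((minute, "backup-agent", 85.0 if 6 <= minute <= 9 else 2.0))
        rows.append((minute, "updater-helper", 92.0 if minute >= 3 else 5.0))
    return rows

def sustained_cpu_anomalies(samples, threshold=80.0, min_run=5):
    """Return {process: (first_minute, last_minute, run_length)} for processes
    at or above `threshold` for at least `min_run` consecutive one-minute samples."""
    by_proc = defaultdict(list)
    for minute, proc, cpu in sorted(samples):
        by_proc[proc].append((minute, cpu))
    findings = {}
    for proc, series in by_proc.items():
        run_start, run_len, best, prev_minute = None, 0, None, None
        for minute, cpu in series:
            # A missing sample breaks the run: a gap is not evidence of load.
            contiguous = prev_minute is not None and minute == prev_minute + 1
            if cpu >= threshold:
                if run_len and contiguous:
                    run_len += 1
                else:
                    run_start, run_len = minute, 1
                if run_len >= min_run and (best is None or run_len > best[2]):
                    best = (run_start, minute, run_len)
            else:
                run_len = 0
            prev_minute = minute
        if best:
            findings[proc] = best
    return findings

if __name__ == "__main__":
    for proc, (start, end, length) in sustained_cpu_anomalies(build_constructed_samples()).items():
        print(f"{proc}: high CPU for {length} samples (minute {start} to {end})")
```

A finding here is only a lead for investigation: legitimate long-running jobs also produce sustained load, so the threshold and window need tuning against a device's normal baseline.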
Being consistent in terms of network and device usage, properly educating the people around us, and using updated security solutions on edge devices can often prove beneficial in this fight against cryptojacking, along with many other forms of cyberattacks.