Cryptojacking: How Cybercriminals Mine Cryptocurrencies using Your Computer

0
2708
Spread the love
  • 1
    Share

Fortinet has issued a warning to users after spotting a trend by cybercriminals using Cryptojacking to stealthily steal your computer’s CPU resources.

  • Cryptojacking dramatically slows down computers
  • Hackers are moving past personal credentials and data to steal CPU resource to mine cryptocurrencies

Fortinet, the cybersecurity company issued an advisory to computer users to check their devices if they sense that they are acutely slowing down. They could unwittingly be donating computing power to cybercriminals carrying out browser cryptojacking.

Fortinet said that their researchers have been discovering more and more of such incidents, which are essentially a new trick used to stealthily mine Monero cryptocurrency using your CPU resources.

By loading a script into your web browser that contains a unique site key, a cybercriminal can make you enrich him with Monero currency − without your knowledge − every time you turn on your computer and visit certain websites.

Browser cryptojacking started last September when a new technology to mine Monero cryptocurrency within web browsers surfaced. The script was written in JavaScript and is easily embeddable into any web page. Once a computer user visits such compromised pages, their computing power is hijacked for the currency mining process.

Monero is preferred because “it’s algorithm is better suitable to CPU limits, especially when compared to other cryptocurrencies”, citing Coinhive Fortinet stated.

The more time users spend on the web pages, the more CPU cycles can be consumed. This explains why hackers typically pick illicit video streaming web sites, where people stay for hours watching movies or TV serials, to plant such scripts.

Back-of-the-envelope calculations by security researchers show that cryptojacking can be lucrative − hackers targeting popular illicit sites like The Pirate Bay can earn up to US$12,000 per month.

What to do if you suspect your PC is Cryptojacked

So if you hear your computer’s fans running at full speed without any apparent reason, the smart thing to do is check your CPU usage. Go to “Task Manager” on Microsoft Windows ([Ctrl]+[Shift]+[Esc]), “Activity Monitor” on Mac, and “Top” on the Linux command line.

The above commands will list all the processes running on your computer, allowing you to find the culprit (usually the web browser, e.g. Google Chrome) by filtering real-time CPU consumption.

Once identified, you can kill the culprit by right clicking on it and selecting “end task”, “kill” or “terminate”. This ends your current connection to the compromised website. After that, you can open your browser again and go to other sites without problems.

How to prevent Cryptojacking

The next step is to prevent your computer from being cryptojacked again. Install an anti-adware web browser extension, as well as web filtering and antivirus tools on your computer, and keep these updated. Another thing you can do, of course, is to refrain from visiting illicit sites.

“When using computing devices, it pays to always be situationally aware and look out for anomalous things, be it your fan speeding up or an email offering something too good to be true,” said David Maciejak, Director of Security Research, Fortinet.

“Cyberspace is a perilous place full of schemers trying to take advantage of the gullible. Deploying the right security tools to protect yourself will help, but being cautious and thinking twice before taking any action will also go a long way in preserving your money, confidential data and computing experience.”

Facebook Comments
  • 1
    Share