Cryptojacking, The New Threat of the Internet

Every couple of years a new form a cyber attack appears on the internet. It started with viruses messing up computer systems to the point that they had to be completely reset. Then there was malware that stole information from those affected, followed by ransomware that threatened to lock users out of their own computer unless they paid. The current reigning champion of the internet crime, however, is none other than cryptojacking.

It all started innocently, with programmers having the noble idea to create a tool for online games and websites where the visitor’s hardware power is temporarily borrowed to generate cryptocurrency. What followed was a virtual gold rush, and everyone and their dog tried to profit off unsuspecting internet users. The situation quickly spun out of control from there and nowadays 90% of cryptojacking is done undetected or with some malicious intent.

Invisible hardware slavery

Crypto mining is based on a JavaScript code that any site owner can integrate into their website, which then leverages the visiting party’s CPU power to generate cryptocurrency – effectively printing money out of thin air. This method in itself isn’t illegal and could help many struggling news sites and flash game portals that otherwise cannot live on ad revenue alone. The issue is that most website operators ‘forget’ to inform their visitors about this kind of contribution.

Cryptojacking doesn’t require consent or a download, starts immediately and – most importantly – is completely invisible, which is why many netizens are unknowingly running on a large cryptocurrency hamster wheel. Mind you, this the process usually only lasts for as long as you inhabit the site, generating only a small amount of money for the owners. Still, having thousands if not millions of computers slave away in a metaphorical gold mine promises quite a large income. This is why hackers have decided to resort to even more insidious methods…

No escape from the cracking of the crypto-whip

By default, cryptojacking is a limited revenue opportunity since it stops working whenever the visitor leaves the site. In order to circumvent this weakness, hackers have decided to implement crypto-mining bots into their malware. The Digmine virus is just one infamous example where people were infected thanks to a security hole in Facebook Messenger, only to have their computer’s power leeched every time they visited the social media site.

Tech-savvy con artists quickly learned how to maximize the efficiency of cryptojacking. In one instance they plagued Starbucks’ public Wi-Fi hotspot in Buenos Aires, taking every customer’s machine on a tour deep down into the cryptocurrency mine. Even worse, hackers found out how to sneak the code into innocent websites, turning Politifact, Showtime and even government sites into unwilling dens of cryptojacking.

Am I a victim too?

This is a fair question that most people would ask after learning about the horrors of cryptojacking. A talltale sign for victims is that the performance of your device takes a sudden nosedive, even if it’s idle. To help detect an infection there are websites dedicated to scanning your browser for traces of cryptojacking, as well as plugins meant to stop sites from possessing your computer. It’s also prudent to open the task manager every now and then and check the list of running programs. If you spot something out of place that is consuming a lot of CPU power, then immediately run a thorough search with your antivirus software.