Cryptojacking, the unauthorized use of others’ computers to “mine” cryptocurrencies like bitcoin, has surpassed the use of ransomware as the top cybercrime. Why? It’s easy to do and offers a guaranteed payout with less risk to the criminal, according to local experts.
Creating cryptocurrency involves an arcane process of solving complex math problems using any device that connects to the internet. That’s legal. Using cryptojacking to do it is not. Once mined, legally or not, cryptocurrency can then be exchanged for U.S. dollars or another paper currency, and the seller is largely anonymous throughout this process.
Businesses should be concerned because cryptojacking — achieved through malicious software called malware — uses system resources and is often tied with other malicious activities such as data theft, said Blake Coe, senior vice president of network security for SBS CyberSecurity of Little Rock.
Sean Tappe, cybersecurity director for PCA Technology Solutions of Little Rock, formerly PC Assistance, agreed.
“First, you have an intruder in your network or on your machine,” Tappe said in an email. “This is a problem because the attackers have direct access to your network through this machine and can move to other more critical systems or steal other data while inside the network.
“Second, it costs money to run computers, from cooling costs to electric bills. This can get very expensive. When a cryptominer is installed and, dependent on the attacker’s skill and purpose, they can use all the resources of your computer until it breaks from overheating, or maxed-out resources will also crash a computer sometimes in unrecoverable ways.”
The count of people encountering cryptojacking increased by almost 45 percent year-over-year to 2.7 million in 2017-18, according to a June report, “Ransomware and Malicious Cryptominers 2016-2018,” by Kaspersky Lab of Moscow. At the same time, the total number of users who encountered ransomware fell by nearly 30 percent to 1.8 million.
A December report by McAfee Labs of Santa Clara, California, said coin miner malware has grown by more than 4,000 percent in the past year.
Cryptojacking has been around for a few years, but it spiked in the fourth quarter of 2017, Coe said. December of that year was also when bitcoin hit a record high value of $19,783.21.
How It’s Done
There two ways cryptojacking malware is spread:
► Through phishing emails with links or attachments. If recipients open attachments or click on links, the malware downloads onto their devices.
► Through websites and ads. When people visit an infected webpage or an infected ad, malware automatically downloads.
Criminals like cryptojacking because it’s cheap and easy, and a $30 kit to do it can be bought on the dark web, Coe said.
“If you perform a ransomware attack on 100 systems, you may only have one or two pay the ransom,” he said. “With cryptojacking, all 100 of the systems infected will be mining the cryptocurrencies for you.
“The longer the attack goes unnoticed, the longer the infected devices will mine the cryptocurrencies.”
Tappe said the scheme is easy to deploy and easy to hide, with culprits keeping anonymous through cryptocurrencies.
“Also, they run a lower chance of getting caught because usually no harm is done to the system or other network resources. … Therefore, they are less likely to get caught”
He presumes attackers realize that if they stay quiet and don’t cause problems, “they can run these miners for equal or more profit with less risk.”
Everyone Is a Target
Any business — large or mom-and-pop-sized — can be a cryptojacking target.
Tappe said that any device connected to the internet can be used to mine cryptocurrency; that means they’re all susceptible. But companies and their servers are targeted more than individuals because of their power ability to mine faster.
Largest IT Consulting Companies – ranked by number of certified technicians. Includes number of Arkansas employees, market area, services, top local executives, year founded and contact information.
Cryptojacking also is difficult to detect. Tappe and Coe say one way is to track how much processing power is being used. If that number is high, the device may be infected.
To avoid cryptojacking, businesses should take the same precautions they take to prevent other malware, Coe said.
Those precautions include keeping systems updated and secure, using antivirus or antimalware products or services and managing what employees are allowed to install on their computers.