The Number Of Mobile Cryptojacking Malware Variants Has Grown To 25 By May 2018 From 8 In 2017, Marking A Three-Fold Increase
Pune-based IT security solutions provider Quick Heal revealed today that it has detected more than 3 Mn cryptojacking hits between January and May 2018.
Cryptojacking refers to remotely using someone else’s computer or mobile device, without his or her consent, to mine cryptocurrencies. The hacker either compromises a website and embeds crypto-mining malware code in the form of JavaScript, or drops the malware onto someone’s computer or mobile device through a link. The malware is activated once the user visits the infected website or opens the link sent by the hacker.
In contrast to ransomware, cryptojacking attacks mostly go undetected, enabling attackers to use the compromised systems to mine cryptocurrencies for as long as they want.
In India, while no hackers have been arrested so far in this regard, Japanese prosecutors recently arrested 16 individuals suspected of cryptojacking. As per reports, the arrested suspects were allegedly running their own websites to spread the crypto mining malware, including the Coinhive program, that mines Monero.
Quick Heal Security Labs also revealed that the number of mobile cryptojacking malware variants has grown to 25 by May 2018 from 8 in 2017, marking a three-fold increase. The company expects these numbers to grow even further, as more cyber-criminals leverage cryptojacking as a lucrative channel for generating illicit revenues.
Commenting on cryptojacking, Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal stated, “Cryptojacking is emerging as a more cost-effective and efficient alternative to ransomware. With a ransomware attack, there is no guarantee that hackers will be paid a ransom. Cryptojacking, on the other hand, is empowering hackers to make use of infected endpoints for swifter and more assured financial gains. As of now, there are no reported instances of data loss in cryptojacking attacks.”
Identifying Cryptojacking
Not very long ago, Inc42 had reported that UPSC websites were hacked for cryptojacking.
As per Quick Heal, one of the most prominent – and perhaps the most easily identifiable – symptoms of cryptojacking is degraded system performance. Since most of the computing power is redirected towards crypto-mining operations, system performance goes down drastically. Applications which would otherwise open smoothly might face major issues with lag, or completely fail to respond. In several cases, cryptojacking prevents users from carrying out any tasks on their systems and can even lead to frequent system crashes and overheating, damaging the system hardware and significantly lowering its lifespan. Another indicator that a system has been compromised by a cryptojacking attack is an abnormally high fan speed (in PCs and laptops) or battery overheating (in mobile devices).
When it comes to hardware, Bitcoin is too demanding to generate through cryptojacking. Monero has become the Bitcoin of cryptojackers, as it doesn’t require heavy hardware or processing power for mining, as Bitcoin does.
According to ad-blocking firm AdGuard, almost 220 popular websites are currently home to this cryptomining malware. Interestingly, almost half a billion users run these crypto-mining scripts whenever they open any of those 220 websites. These websites have raised almost $43K through these parasite scripts at almost zero cost.
On the Alexa list of the top 100K websites, AdGuard looked for the code for CoinHive and JSEcoin, the most popular solutions for browser mining in use now. The company found 220 sites that launch mining when a user opens their main page, with an aggregated audience of 500 million people. Almost one in every forty websites currently mines cryptocurrency by employing the CPUs of their host computers.
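A defender can run the same kind of check on pages they own or proxy. The sketch below is an added example, not AdGuard's or Quick Heal's code: it inspects only `<script>` tags, so a page that merely mentions a miner in its text is not flagged. The indicator patterns, function names and sample pages are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# Indicator patterns are assumptions for illustration, covering the two
# browser miners named in the article; tune them against your own telemetry.
INDICATORS = {
    "CoinHive": re.compile(r"coinhive(\.min)?\.js|CoinHive\.(Anonymous|User)\s*\(", re.I),
    "JSEcoin": re.compile(r"jsecoin\.com", re.I),
}

class ScriptCollector(HTMLParser):
    """Collects external script URLs and inline script bodies."""
    def __init__(self):
        super().__init__()
        self.sources, self.inline, self._in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)
            self._in_script = True

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script and data.strip():
            self.inline.append(data)

def find_miners(html):
    """Return the sorted names of miner families referenced by script tags."""
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()
    haystack = parser.sources + parser.inline
    return sorted(name for name, rx in INDICATORS.items()
                  if any(rx.search(item) for item in haystack))

# Constructed sample pages (not real sites or real site keys).
SAMPLES = {
    "inline_miner": "<script src='https://coinhive.com/lib/coinhive.min.js'></script>"
                    "<script>var m = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER');</script>",
    "external_miner": "<script src='https://load.jsecoin.com/constructed/path/'></script>",
    "news_article": "<p>CoinHive and jsecoin.com scripts were found on 220 sites.</p>"
                    "<script src='/static/app.js'></script>",
}

if __name__ == "__main__":
    for name, page in SAMPLES.items():
        print(name, find_miners(page))
```

String matching of this kind misses obfuscated or self-hosted miner scripts, so it complements rather than replaces the CPU, fan-speed and battery symptoms described above.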