Is your computer or phone running slow? If yes, you could be mining cryptocurrency without knowing it.
Cryptojacking is a form of cyber attack in which a hacker hijacks a target’s processing power in order to mine cryptocurrency on the hacker’s behalf. The hacker could place malicious software in phones, computers and even smart TV’s and refrigerators to mine cryptocurrency without it being discovered.
The McAfee Labs recently published a report showing that coin miner malware rose by 629 percent in Q1 to over 2.9 million samples. During the Winter Olympics in Pyeongchang, South Korea, a malicious Microsoft Word attachment targeted organizations involved to infect them with the code to mine cryptocurrency.
The Cryptojacking can also be carried out via a web browser that is running a miner in the background. A company that makes this possible is Coinhive. By placing a special script into a website you have control over, you could start using the visitors CPU power to mine Monero. According to Coinhive, with just 10–20 active miners on your site, you can expect a monthly revenue of about 0.3 XMR (~$36).
This makes it attractive for criminals to try breaking into websites with a high number of users to insert the code to earn money. To maximize profit, one should use as much CPU power as possible in order to get as much hash rate as possible. However, this might give it away, since the unit that is mining will most likely be very slow. A sophisticated solution to get around this problem is to throttle the mining speed, letting it only use half of the computing power, leaving the victim totally unaware that there is something shady going on.
Earlier this month, a report by GuardiCore showed that over 40,000 victims were mining cryptocurrency. Units like DSL modems, IoT devices, and backup servers were compromised.
