CRYPTOJACKING

1. Context

2. What is Cryptojacking?

3. Why is Cryptojacking done?

• Coin mining is a legitimate, competitive process used to release new crypto coins into circulation or to verify new transactions. It involves solving complex computational problems to generate blocks of verified transactions that get added to the blockchain.
• The reward for the first miner who successfully manages to update the crypto ledger through this route is crypto coins.
• But the race to crack this 64-digit hexadecimal number code needs considerable computing power involving state-of-art hardware, and electrical power to keep the systems involved up and running.
• Cryptojackers co-opt devices, servers, and cloud infrastructure, and use their resources for mining. The use of 'stolen' or crypto-jacked resources slashes the cost involved in mining.

4. Methods to detect Cryptojacking

• Poor performance: Poor performance symptoms of crypto-jacking. Devices affected may run slower than usual or crash at unusual moments due to strain on processing power from the extra workload.
• Overheating: Overheating is a common result. Fans in infected devices run faster than usual, or batteries may overheat if a crypto jacking script is taxing the processor of an infected device. Overheating can damage a device or shorten its life span. 
• High electricity costs: High electricity costs are also a sign of an attack. The energy and processing power required for mining draw significant electricity.
• Central Processing Unit (CPU): The CPU use spikes in response to crypto-jacking. Victims with windows can check their CPU use in Activity Monitor or Task Manager when visiting sites that run little or no media content. If users notice an odd spike, this may indicate a crypto-jacking cyber attack. However, crypto-jacking malware can be written to hide as legitimate processes and be hard to detect through this method.

5. Why should this be a concern?

• Cryptojacking is hard to detect and the victims of these attacks mostly remain unaware that their systems have been compromised.
• Apart from individuals, businesses too are on the target list of cryptojackers.
• According to the report, cryptojacking incidents targeting the retail industry rose by 63% year-to-date, while similar attacks on the financial industry skyrocketed by 269%.
• The primary impact of cryptojacking is performance-related, though it can also increase costs for the individuals and businesses affected because coin mining uses high levels of electricity and computing power.

6. How to Prevent Cryptojacking?

• Use strong cybersecurity protection: Security admins should use strong antimalware and cybersecurity software built to detect the presence of malicious code, such as crypto mining software. They should also ensure their organizations implement the latest operating systems, web browsers, and cybersecurity software updates.
• Use anti-crypto jacking browser extensions: Browser extensions such as minor block and No Coin, block crypto jacking software running in web browsers.
• Use ad blocker and disable Javascript: Using a strong ad blocker and disabling Javascript can prevent crypto-jacking software from running in web browsers however, some crypto-jacked ads are designed to evade ad blockers.
• Secure servers and cloud configurations: Publicly exposed servers and cloud services are vulnerable to crypto jacks and, as such, should be identified, rooted out, and/or secured.
• Use software composition analysis (SCA): SCA technology can identify what open-source code is being used in software and security.
• Block infected sites: Blocking sites known to host crypto jacking software or that have outdated plugins and security keeps users from accidentally accessing them.
   
• Stay up to date: Crytpojacking is a constantly evolving threat, and staying up to date on the latest attack methods keeps users aware of what security threats they might be at risk for.

For Prelims & Mains