Quick Heal today revealed that it has detected more than 3 million cryptojacking hits between January and May 2018. Mobile users aren’t safe either; the number of mobile cryptojacking malware variants have grown to 25 by May 2018 from 8 in 2017, marking a three-fold increase. Quick Heal Security Labs expects these numbers to grow even further, as more cybercriminals leverage cryptojacking as a lucrative channel of generating illicit revenues.
Sanjay Katkar, Joint Managing Director and Chief Technology Officer, said, “Cryptojacking is emerging as a more cost-effective and efficient alternative to ransomware. With a ransomware attack, there is no guarantee that hackers will be paid a ransom. Cryptojacking, on the other hand, is empowering hackers to make use of infected endpoints for swifter and more assured financial gains. As of now, there are no reported instances of data loss in cryptojacking attacks.”
Understanding the Threat: What are cryptojacking attacks, and why are they becoming popular?
Simply put, cryptojacking is a form of cyber-attack in which hackers hijack the infected system’s processing power to mine cryptocurrency. As opposed to ransomware, cryptojacking attacks remain almost undetected, enabling attackers to use the compromised systems to mine cryptocurrencies for as long as they want.
They are also easier to deploy than ransomware attacks. All a hacker needs to do is to drop a cryptomining code on your system without your knowledge through an infected link or file. Another commonly used method is to infect websites and pop-up ads with a JavaScript-based cryptomining script, which is triggered when you click on infected ads or visit compromised websites. In such instances, attackers don’t even need to install a code; just opening the infected link is enough to turn your system into a cryptomining machine and generate instant returns on investment for the hacker.
While cryptojacking attacks are mostly deployed against individual systems at present, Quick Heal Security Labs expects cloud-based services to also be targeted in the near future. It additionally expects lighter and more sophisticated versions of mining scripts to be deployed soon, and forecasts the rise of mining-malware-as-a-service and an exponential growth in the number of fileless cryptomining malware.
How to identify if you’ve been cryptojacked, and how to protect against cryptojacking:
One of the most prominent – and perhaps the most easily identifiable – symptoms of cryptojacking is the system performance. Since most of the computing power is redirected towards cryptomining operations, the system performance goes down drastically. Applications which would otherwise open smoothly might face major issues with lag, or completely fail to respond. In several cases, cryptojacking prevents users from carrying out any tasks on their systems and can even lead to frequent system crashes and overheating, damaging the system hardware and significantly lowering its lifespan. Another indicator of whether a system has been compromised by a cryptojacking attack is an abnormally-high fan speed (in PCs and laptops) or battery overheating (in mobile devices).
Quick Heal recommends system owners to deploy a robust security solution as a means of combatting cryptojacking attacks. Security solutions must be kept up-to-date with the latest security definitions, while users are also advised to regularly update their OS. Other recommendations include installing an ad-blocker plugin (extension) on your web browser, avoiding suspicious links or email attachments, using strong passwords and not posting personal info online. |