Cryptojacking: What It Is and How To Prevent It
There’s a lot of money to be made (and lost) in cryptocurrency, so it should come as no surprise to learn that the technologies and platforms used to facilitate the trading of cryptocurrencies aren’t without their vulnerabilities.
Cryptocurrency is a digital currency that can be traded online or used to purchase certain goods or services. The most popular and well-known cryptocurrency is Bitcoin. The Bitcoin boom at the end of 2017 saw its price rise to over $20,000 a coin, but there are over a thousand different cryptocurrencies available to trade. These can be purchased in a variety of different ways from different trading websites, but in most cases, the coins you own will be stored in a digital wallet – a software program that stores private and public keys that allow you to send and receive cryptocurrencies.
Sometimes, these wallets can be hacked and people can lose millions of dollars. In 2018, over $1.7 billion was lost in cryptocurrency-related thefts and scams. But there’s another way that cybercriminals are making money using other people’s assets: cryptojacking.
What is Cryptojacking?
In order to understand what cryptojacking is, it’s important to understand that Bitcoin is generated through a process known as ‘mining’. If you were to complete any transaction in real life, a record of that transaction would be documented by a bank, point-of-sale system, or receipt. This helps to keep track of the transactions.
Every time a Bitcoin transaction is completed, that transaction is documented through a process known as mining, where miners add them to a public record known as the ‘blockchain’. Bitcoin miners are responsible for making sure transactions are recorded accurately and not being duplicated.
To do this, they need to run a node, a powerful computer that runs the Bitcoin software (it takes around 145GB to run). Nodes speed up Bitcoin transactions across the network and can group outstanding transactions into blocks and add them to the blockchain by solving a complex mathematical puzzle. This means finding a number that, when combined with the data in the block and passed through a hash function, produces a result within a certain range. As the hash function makes it impossible to predict what the outcome will be, the miners are all guessing at random. Whichever miner gets it right first is rewarded with 6.25 Bitcoins. As you might imagine, there are lots of mining modes competing for that reward, so generally speaking, the more nodes you have, the higher your chances. You can probably see where this is going.
Cryptojacking is when your computer is maliciously used as a node to facilitate Bitcoin mining. Remember earlier when we said the software needed to mine Bitcoin uses 145GB on a single node? This pretty much makes your laptop, computer, or any other device that’s been cryptojacked useless, as its processing power is being used to mine Bitcoin or steal cryptocurrency wallets from unsuspecting victims. All of this can be done by hackers using just a few lines of code.
How You Can Prevent It
Cryptojacking is a threat that’s growing in popularity. As well as using up a lot of processing power, mining Bitcoin can use a lot of electricity, and as the bitcoin halving has also halved the amount of Bitcoin that miners receive for completing transactions (12.5 bitcoin down to 6.25), it makes sense that criminal miners will want to save on their costs by using other people's devices.
There are two main ways that hackers can cryptojack your devices. The first is by using phishing tricks to install malware on your devices. The second is by using browser-based crypto mining scripts that are hidden on a webpage and activated whenever you visit it (this can also be done through pop-ups). Despite the destructive nature of these tactics, their simplicity makes them relatively easy to protect against by using a VPN.
Using a VPN encrypts your information, making it harder for hackers to intercept it. As a VPN also hides your IP address and prevents IP tracking, hackers won’t be able to find your devices as easily online. However, you’re still left vulnerable to what hackers are relying on most with any malware attack: basic human error.
If you’ve already taken the necessary steps to protect your online information, make sure you don’t slip up by doing the hacker’s work for them and clicking on unexpected links and websites. Always exercise caution online, even when you’re using a VPN.