Cryptojacking Malware Is A Growing Problem For eCurrency Users Security

The value of electronic currencies reached enormous heights in 2017, consequently businesses and offenders alike are figuring out ways to generate virtual coins without having to front the cost of computers or electricity. The answer: code that is sneakily hidden on internet pages to hijack your laptop or phone's computing power.

This year alone, The Pirate Bay (a infamous file sharing website), Showtime, and even an Argentine internet provider all served clients code that created digital monies (known as “mining”) with their machines without their knowledge or consent. A fresh report from information security company Symantec suggests that this tendency isn't about to slow down – quite the contrary. If anything, it's about to get a great deal worse. The business calls it a looming “arms race” between hackers and security businesses.

“We hope that we will see more and more of them attempting to infiltrate ad networks, which are contained in several sites,” said Candid Wueest, principal threat researcher for Symantec, over the phone.

Cryptocurrency-mining malware was a menace in the first days of Bitcoin, when the electronic currency could still be generated with customer hardware. It has not been possible for some time now, therefore cryptocurrency malware pretty much expired after 2014. But recent years have seen a massive influx of new coins like Monero, Zcash, and Ethereum, all which may be mined with hardware which most people already have.

At the same period, several services that allow site owners (or hackers with access) to plant miner code on pages have arisen. The most popular service is called Coinhive, however there are others, notably JSEcoin and Crypto-Loot.

Basically, it is a perfect storm, and because of this, cryptocurrency malware mining has come back with a vengeance in 2017. There've been some noteworthy tech innovations, like “pop under” windows which maintain mining once you've closed the browser window, and botnets that hijack Internet of Things apparatus.

“Defacing a web site is fun for some people, but it's not profitable–this is, and so we think it will increase,” Wueest said. It's still more rewarding for hackers to target high-value targets like cryptocurrency exchanges, Wueest lasted, but that could change.

“With the price of cryptocurrencies climbing, [malware] can become more profitable and enlarge,” Wueest clarified. “And quite frankly, it does not cost much–there is a lot of content management tools such as WordPress which are vulnerable.”

The important thing to keep in mind is that there is nothing inherently wrong with cryptocurrency mining scripts. If you would like to mine some Monero rather than seeing an advertisement, hey, that's your right. The problem is every time a website or app commands your computer to do something that you did not approve or know about.

You will find free methods to protect yourself also: You can add mining scripts to Adblock Plus's block list, and there is even an open source script blocker on GitHub known as No Coin.

And keep in mind, if you notice your PC unexpectedly slowing down might not be a indication that your machine is heading to an early tomb. It might just be creating digital coins for someone else.