
Cryptojacking: are your valuable bitcoins at risk?

By Toan Trinh | March 11, 2018

Cryptocurrency is all the rage right now. You can’t go anywhere without seeing it online, mentioned in the news, or discussed in groups.

With large sums of money exchanging hands daily and news outlets reporting that Bitcoin prices surged over 1,400% during 2017, it’s no surprise that people have been drawn toward the virtual currency space.

Despite recent shifts and volatility in their value, most cryptocurrencies continue to be worth quite a bit, which makes them a target for cybercriminals.

How safe are your crypto coins? Are you or your computer at risk of being compromised by cryptojacking?

What is Cryptojacking?

Given the current value of the major digital currencies, such as Bitcoin, Ethereum, and Ripple, and the fact that this financial market exists entirely in the digital world, it’s obvious why we have seen an exponential rise in attacks focused on cryptocurrencies.

In fact, FortiGuard Labs just released our latest Quarterly Threat Landscape report for Q4 of 2017, and in it we identified the serious and growing concern of cybercriminals targeting cryptocurrency using attack tools and techniques referred to as cryptojacking.

Cryptojacking comes in several different forms. A malicious infection designed to steal CPU resources to perform cryptomining on behalf of a criminal enterprise can cause frustrating effects, such as system crashes, lag time and poor network performance. But more serious attacks can include such things as ransomware and data and coin theft.

Knowing each type of potential threat will help you be more aware of these kinds of attacks so you can be better prepared. 

There are three main classes of Cryptojacking.

  1. Forced Mining- 
    Cybercriminals insert lines of code into vulnerable websites, emails, or downloads that imprint onto your computer and hijack your CPU to perform cryptomining on behalf of the hacker. The key indicator is to look for unexplainable or unexpected changes in your computer’s speed.

  2. Fake Wallets- 
    Owners and buyers of cryptocurrency usually store their coins in an encrypted digital wallet. Given the growing value of these currencies, cybercriminals are focusing on deceiving people into downloading malware disguised as one of these wallets. When the user opens the file, it prompts them for their personal information with a fake registration process, and then uses those details to access and steal currency. Always be careful of what you are downloading and check that any websites you visit can be trusted.

  3. Ransom- 
    There are parts of the internet, such as the Darkweb, that only accept Bitcoin for payment, and participating in this can increase the risk to your cybersecurity. The threat of ransomware is the most serious of the three cryptojacking types, and occurs when malicious software enters your computer and holds your data or access at ransom until you pay. Because cryptocurrencies are unregulated, the hacker is able to remain anonymous. And to make them even more anonymous, these ransoms are often demanded in other digital currencies besides Bitcoin, such as Monero.
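
The forced-mining indicator in item 1 (an unexpected, lasting change in your computer's speed) can be checked against per-process CPU readings. The Python sketch below is an added example, not code from the original article or from FortiGuard Labs; the sample readings, process names, thresholds and the function name `flag_sustained_cpu` are all constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed sample data: (minute, process name, CPU percent). Not real telemetry.
SAMPLES = [
    (0, "browser", 6.0), (1, "browser", 9.0), (2, "browser", 7.0),
    (3, "browser", 88.0), (4, "browser", 91.0), (5, "browser", 93.0),
    (6, "browser", 90.0),
    (0, "backup", 4.0), (1, "backup", 5.0), (2, "backup", 3.0),
    (3, "backup", 85.0), (4, "backup", 6.0), (5, "backup", 4.0),
    (6, "backup", 5.0),
    (0, "render", 92.0), (1, "render", 95.0), (2, "render", 94.0),
    (3, "render", 96.0), (4, "render", 93.0), (5, "render", 95.0),
    (6, "render", 94.0),
]


def flag_sustained_cpu(samples, baseline_n=3, ratio=3.0, floor=50.0, run_len=3):
    """Return {process: minute the sustained run began}.

    A process is flagged when its CPU stays above both `floor` and
    `ratio` times its own baseline for `run_len` consecutive samples.
    The baseline is the median of its first `baseline_n` samples, so a
    process that is always busy is not flagged, and a single short
    spike is ignored.
    """
    by_proc = defaultdict(list)
    for minute, name, cpu in sorted(samples):
        by_proc[name].append((minute, cpu))

    flagged = {}
    for name, series in by_proc.items():
        if len(series) < baseline_n + run_len:
            continue  # not enough history to judge this process
        baseline = median(cpu for _, cpu in series[:baseline_n])
        limit = max(floor, ratio * baseline)
        run_start, run = None, 0
        for minute, cpu in series[baseline_n:]:
            if cpu > limit:
                if run == 0:
                    run_start = minute
                run += 1
                if run >= run_len:
                    flagged[name] = run_start
                    break
            else:
                run = 0  # spike ended, start counting again
    return flagged


if __name__ == "__main__":
    print(flag_sustained_cpu(SAMPLES))
```

A flagged process is only a prompt to investigate what it is running, since legitimate workloads can also change their CPU use.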

How do you protect yourself?

The growing popularity of cryptocurrency is posing a real threat to both the average user and large business alike, even if you don’t actively buy, sell, or use cryptocurrencies.

Despite cryptocurrency being around since the 1980s, it is a relatively new phenomenon for the general public and this can lead to a misunderstanding of how to be safe when using it.

So it’s best to be prepared.

Start by ensuring that your connected systems are being patched or protected. Then make sure that you are running security solutions designed to detect both known and unknown threats. At the same time, educate yourself and your employees on issues such as phishing and safe browsing. Next, never load personal information onto downloaded applications unless you can verify the manufacturer and source. And finally, make sure that you are regularly backing up your systems and storing those backups off network to ensure you can quickly recover from a ransomware attack.

To find out more, download our full Quarterly Threat Landscape report for Q4 of 2017.