Cryptojackers are hacking websites to mine cryptocurrencies

Hackers have a new trick up their sleeves: hijacking computers to generate digital coins.As bitcoin and other ...

Posted: Feb 22, 2018 4:43 PM
Updated: Feb 22, 2018 4:43 PM

Hackers have a new trick up their sleeves: hijacking computers to generate digital coins.

As bitcoin and other cryptocurrency prices soar, "cryptojacking" attackers surreptitiously take over web browsers, phones and servers to make some serious profit.

"Every avenue out there is being exploited on any kind of machine," said Jerome Segura, lead malware analyst at security firm Malwarebytes. "Consumer computers, servers, research centers - it has no bounds. We forecast it to be the biggest threat in 2018."

Cryptocurrencies, like bitcoin and Monero, are created by using computing energy to solve complex math problems. When a problem is solved, a new piece of currency is made. This is called mining. Currencies can be mined legitimately, but criminals are increasingly turning to malevolent mining activities.

In September 2017, Malwarebytes began tracking a major uptick in malicious cryptomining and it has become the company's most commonly detected activity.

In the last month alone, cryptojacking campaigns have hit websites belonging to governments, critical infrastructure and even YouTube.

It can affect business infrastructure, too. On Tuesday, researchers at security firm RedLock said Tesla's cloud storage - a place for storing data separate from physical Tesla servers - was recently breached to mine cryptocurrency.

A spokesperson for the car manufacturer said there was no indication customer privacy or vehicle safety or security was compromised.

But businesses should be on alert: RedLock's Upa Campbell, vice president of marketing, said it's easier for hackers to try making money by secretly mining cryptocurrencies than stealing and selling corporate data.

"Cybercriminals will always take the path of least resistance," Campbell said.

How it works

Hackers don't have to target individual phones or computers -- they can compromise websites and hijack thousands of devices at a time.

Last week, a cryptojacking campaign impacted almost 5,000 websites, including a number of UK and US government pages, through a flaw in a third-party application. Hackers exploited the flaw to mine currency using something called Coinhive.

Coinhive offers legitimate browser-based software tools for businesses to turn their websites' visitors into cryptominers. But some people have taken advantage of the project and now use its software for nefarious purposes. The company launched in September, and websites including Politifact.com and Showtime were unknowingly infected with Coinhive miners last year. Researchers also recently found Coinhive code hidden in Android apps.

Security researcher Scott Helme discovered the massive cryptojacking scheme a few hours after it launched and told CNN it's likely the hackers secretly inserted the malicious code during the weekend, a slow time for government websites, in hopes it stayed there for a long time. Coinhive reportedly said hackers made just 0.1 Monero, or $24, while the attack was active.

Bitcoin mining is energy-intensive. In fact, some researchers are concerned about its impact on the environment. In both cryptojacking and legitimate mining schemes, people usually prefer to mine Monero, a lesser-known cryptocurrency that does not require as much power to generate.

Not all cryptomining is malicious. For example, digital publishers think it may be a way to make money outside of advertising. Politics and culture publication Salon is currently experimenting with cryptomining, and alerts readers before hijacking their computer's power to generate currency.

How to stop it

"For the end user, there's not much you can do to protect yourself from cryptojacking beyond using anti-virus software or an ad blocker in your browser," Helme said.

If a website is mining currency with your computer, you can close the page to stop the activity. Browser extensions like NoCoin can also be used to block Coinhive and other cryptocurrency miners.

It's possible to analyze how much computing power your browser uses by looking at the Activity Monitor on Macs or the Resource Monitor on Windows computers. These are built-in tools that let you see which applications, like the Chrome or Safari browsers, use the most energy. A graph at the bottom of the monitor will show large spikes in computing power when you visit a website running a cryptominer.

But that might be too complicated. Instead, if you hear your computer's fan start whirring when you're visiting a website, or if the browser suddenly slows down dramatically, a cryptominer may be running.

Although the impact to consumers is low, Helme said it's important to be aware of these attacks and stop them if you can.

"The bottom line here is your device is being used to make money for a criminal gang," he said. "We don't know who these people are or what their intentions are. They could use it to fuel future criminal activities."

West Lafayette
Clear
71° wxIcon
Hi: 88° Lo: 63°
Feels Like: 71°
Kokomo
Clear
69° wxIcon
Hi: 85° Lo: 63°
Feels Like: 69°
Rensselaer
Clear
68° wxIcon
Hi: 85° Lo: 61°
Feels Like: 68°
Fowler
Clear
68° wxIcon
Hi: 85° Lo: 62°
Feels Like: 68°
Williamsport
Clear
71° wxIcon
Hi: 87° Lo: 61°
Feels Like: 71°
Crawfordsville
Clear
72° wxIcon
Hi: 87° Lo: 63°
Feels Like: 72°
Frankfort
Clear
74° wxIcon
Hi: 87° Lo: 64°
Feels Like: 74°
Delphi
Clear
71° wxIcon
Hi: 86° Lo: 62°
Feels Like: 71°
Monticello
Clear
71° wxIcon
Hi: 85° Lo: 61°
Feels Like: 71°
Logansport
Clear
70° wxIcon
Hi: 85° Lo: 62°
Feels Like: 70°
WLFI Radar
WLFI Temps
WLFI Planner

Indiana Coronavirus Cases

Data is updated nightly.

Confirmed Cases: 52037

Reported Deaths: 2762
CountyConfirmedDeaths
Marion12111693
Lake5677249
Elkhart366260
Allen2971134
St. Joseph221169
Hamilton1735101
Cass16489
Hendricks1470100
Johnson1351118
Porter84938
Vanderburgh8016
Tippecanoe7859
Clark71944
Madison68164
LaPorte62928
Howard61058
Bartholomew60545
Kosciusko5844
Marshall57011
Noble52428
Boone49244
LaGrange48710
Delaware48152
Jackson4793
Hancock47436
Shelby46025
Floyd41844
Monroe36128
Morgan34431
Grant32226
Dubois3196
Henry30318
Montgomery29720
Clinton2903
White27810
Dearborn27123
Warrick26829
Vigo2618
Decatur25732
Lawrence25325
Harrison21822
Greene19932
Miami1942
Jennings17912
Putnam1748
DeKalb1694
Scott1659
Wayne1596
Daviess15117
Perry15110
Steuben1402
Orange13823
Jasper1362
Ripley1357
Franklin1288
Gibson1282
Wabash1193
Carroll1142
Starke1093
Fayette1087
Whitley1086
Newton10110
Huntington942
Jefferson872
Wells831
Randolph804
Fulton761
Jay720
Knox710
Washington681
Pulaski661
Clay645
Posey640
Rush623
Spencer591
Owen531
Benton510
Sullivan511
Adams491
Brown441
Blackford402
Fountain362
Crawford330
Tipton331
Switzerland320
Parke280
Martin260
Ohio230
Vermillion200
Warren151
Union140
Pike120
Unassigned0193

COVID-19 Important links and resources

As the spread of COVID-19, or as it's more commonly known as the coronavirus continues, this page will serve as your one-stop for the resources you need to stay informed and to keep you and your family safe. CLICK HERE

Closings related to the prevention of the COVID-19 can be found on our Closings page.

Community Events