Crypto-jacking is biggest security threat of 2018

Crypto-jacking skyrocketed this year.

The global boom in crypto-currencies such as Bitcoin is not going unnoticed by cyber criminals, and while crypto-currencies have been synonymous with ransomware attacks, cyber criminals are now looking to crypto-jacking to mine these coins.

Crypto-jacking is the unauthorised use of an individual's device to mine crypto-currencies. Cyber criminals employ malware to take over computers, tablets or smartphones, and covertly use a portion of their processing power to mine crypto-currencies.

This is according to a recent report by Panda Security, which claims crypto-jacking is defining 2018 in terms of cyber security, and was the primary threat to the security and performance of electronic devices throughout the first half of the year.

Crypto-currencies have become the gold of the 21st century, notes Panda.

"[In the first half of the year] we have seen 2.4 million instances of this attack, which is booming among black hat hackers," says Panda. "The more computing power they can hijack, the faster they can mine, which is also giving rise to fights between different attackers trying to gain control of as much of a user's CPU as possible."

How it works

According to Panda, one of the most common techniques involves hijacking the victim's CPU or GPU when they visit a Web site infected with crypto-mining malware. The report also reveals hackers are taking advantage of vulnerabilities in operating systems to get malware onto the endpoint.

Panda says it is seeing a significant increase in legitimate Web sites infected with CoinHive, a JavaScript-based miner. Because the script runs in the visitor's browser, it is not even necessary to install mining software; it simply runs as long as the user is active on that page.

Another popular technique is to use seemingly legitimate documents, such as Word documents, in phishing e-mails. These attacks employ the online video function in Microsoft Word, which allows videos to be inserted into documents without having to embed or link them. Attackers use this feature to insert malicious scripts.

Cyber criminals have also started to exploit the applications found on Internet of things (IOT) devices for crypto-jacking.

"One of the first cases seen in the field of IOT was HiddenMiner, a piece of malware that got onto mobile devices via applications downloaded from unofficial, third-party app stores. A feature that makes it so dangerous is that, in older versions of Android, it is almost impossible to get rid of. In addition, once on a device, it uses all the device's resources, making it overheat or even crash," says Panda.

Cheap and easy

Josu Franco, technology and strategy consultant at Panda Security, says: "Crypto-jacking is an easy way to make money, and doing it is really cheap. Crypto-jacking kits can be bought on the dark Web for around $30.

"The attacker can install it on 100 machines, for example, and all of them will constantly contribute money by generating crypto-currency with little risk."

The first sign of crypto-jacking malware infection is unusually high electricity consumption, says Jeremy Matthews, regional manager at Panda Security Africa.

"Users should also take note of a serious slowdown of the device. To fight these threats, business leaders need to develop a comprehensive cyber security strategy that includes next-generation endpoint detection and response technology to provide visibility and control of the network, as well as developing policies and procedures that govern user behaviour."
