In Focus Resource Center > Insights

Cryptojacking: What's Yours is Mined

As the popularity of cryptocurrencies continues to grow, cyber criminals have taken notice. One threat to cryptocurrency is a nefarious tactic called cryptojacking. The following frequently asked questions will provide an overview of this topic:

What are cryptocurrencies?

  • A cryptocurrency (often referred to as “crypto”) is a type of digital money that does not exist physically and instead exists only on the internet in a digital form. Unlike the dollar or other fiat currencies, cryptocurrency is not issued or administered by an authority such as a bank or government. Instead, cryptocurrencies are decentralized into a distributed immutable ledger known as a blockchain, which is used as a database to track transactions.

How are these transactions verified?

  • Many cryptocurrencies, such as Bitcoin, require cryptomining to generate new coins into circulation and verify transactions. This mining process involves using powerful hardware to solve exceptionally complex mathematical calculations. Mining requires immense computing power and electricity consumption to carry out these calculations, but the miners are rewarded by receiving cryptocurrency payments.

What is cryptojacking?

  • Cryptojacking is when cyber criminals surreptitiously utilize a victim's device, whether it be a computer, mobile device, or server, to mine for cryptocurrency without the victim's knowledge. The criminals avoid the considerable cost of electricity and the use of computing power associated with mining while still reaping the rewards.

How do cryptojacking tools get installed on a victim's system?

  • There are two prevalent methods of infecting a victim's device with cryptojacking malware. The first method involves socially engineering a victim into clicking on an email link or attachment, which in turn deploys cryptomining malware onto the target device. The second method involves infecting a website or online advertisement with malware that is triggered once it is viewed in the victim's browser.

Is cryptojacking a serious issue?

  • According to a 2021 Cisco report, cryptojacking malware affected an astonishing 69% of its customers. Once infected with cryptojacking malware, an individual or business will experience significantly slower productivity, increased electricity costs, and even a shortened lifespan of their hardware due to overheating.

Do some antivirus tools come with cryptomining capabilities?

  • Popular antivirus products like Norton 360 and Avira are now shipping with preinstalled cryptocurrency mining programs. While the mining is “opt-in,” meaning users have to agree to enable it, there are concerns that the feature is difficult to remove and should only be used after researching the cost and benefits.

How do I defend myself against cryptojacking?

  • Similar to most malware defenses, a combination of several strategies is recommended. Prevention is always the best approach, so be sure that you have been armed with cybersecurity awareness training that will help you detect and avoid spear phishing attacks which can deliver cryptojacking malware. Ensure your browser and operating system have been updated with the latest security patches and that your antivirus is up to date with the latest definitions. Finally, remain vigilant and investigate any unexpected or unexplained system performance degradation. If your CPU usage is spiking and you are not running any resource-intensive applications, it may be worth investigating and running a full virus scan.

For more information on keeping your organization safe from cryptojacking and other malware, contact Kevin Ricci at kricci@citrincooperman.com or Michael Camacho at mcamacho@citrincooperman.com

Our specialists are here to help.

Get in touch with a specialist in your industry today.