How to Prevent and Detect Cryptojacking


Cryptojacking, illegally creating e-coin value for one’s own electronic piggy bank, requires massive computing power that far exceeds one or even dozens of PCs linked together. The practice, perpetrated by a new breed of cybercrooks called ‘crypto miners’, displaced ransomware last year as the top malware threat. To succeed, crooks must surreptitiously commandeer the power of other people’s servers and computers. The more machines they can jack, the more booty they can scam.

Last year, incidents involving machines in Russia, India and Taiwan netted hackers more than $3.6 million in value in just one month. The threat is growing rapidly because it requires only modest technical skills, and because exploit kits can be bought on the dark web for as little as $30. Moreover, the risk of being detected, caught and identified is far less than with ransomware or other attacks. With cryptojacking, crooks’ primary goal is to steal and use your machines' processing power, not to infect, ransom or pilfer network data. This typically happens in two (equally) nefarious ways: 1) with phishing-like tactics, using legitimate-looking emails that trick victims into clicking a poisoned link, and 2) by infecting websites or pop-up ads with ‘scripts’ that secretly deploy when clicked or displayed in a browser.

These scripts run continuously in the background, siphoning CPU cycles to line miners’ electronic pockets. Infections manifest through degraded performance and annoying system slowdowns. Overheating (from excessive CPU usage) and unusual spikes in energy consumption are other telltale signs of compromise. Make no mistake: the resulting costs can add up quickly. “Organizations with [multiple] cryptojacked assets can incur [significant labor and other] costs, in terms of help desk support and IT’s time replacing components.”

You can reduce your company’s risk of unwanted cryptojacking through vigilant network monitoring (accompanied by strategic data analysis) and employee awareness training. Other defensive measures may include ad blockers, anti-mining browser extensions, web filtering and endpoint protections, all of which should be discussed in detail with your IT team and/or Managed Services Provider.
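The monitoring and data analysis mentioned above can start with the telltale sign described earlier: CPU load that stays high continuously instead of spiking briefly. The following is an added example, not code from the original article; the process names, the 80% threshold, the five-minute window and the sample readings are all assumptions constructed for illustration.

```python
from collections import defaultdict


def build_samples():
    """Constructed per-minute readings (minute, process, cpu_percent); not real telemetry."""
    samples = []
    for minute in range(10):
        # Hypothetical browser tab running a background script: high load from minute 2 on.
        samples.append((minute, "browser_tab", 92.0 if minute >= 2 else 15.0))
        # Hypothetical legitimate job: a short two-minute burst, then idle.
        samples.append((minute, "backup_job", 95.0 if minute in (3, 4) else 5.0))
        samples.append((minute, "mail_client", 8.0))
    return samples


def sustained_cpu(samples, threshold=80.0, min_run=5):
    """Return {process: longest run of consecutive minutes at or above threshold}
    for every process whose longest run lasts at least min_run minutes."""
    by_proc = defaultdict(dict)
    for minute, proc, cpu in samples:
        by_proc[proc][minute] = cpu

    flagged = {}
    for proc, series in by_proc.items():
        longest = run = 0
        last_high = None
        for minute in sorted(series):
            if series[minute] >= threshold:
                # Extend the run only if the previous minute was also high;
                # a low reading or a missing sample starts a new run.
                run = run + 1 if last_high == minute - 1 else 1
                last_high = minute
                longest = max(longest, run)
        if longest >= min_run:
            flagged[proc] = longest
    return flagged


if __name__ == "__main__":
    for proc, minutes in sustained_cpu(build_samples()).items():
        print(f"{proc}: at or above threshold for {minutes} consecutive minutes")
```

A flagged process is a lead for investigation, not proof of mining; legitimate long-running workloads will also appear and should be allow-listed with your IT team.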

If your systems aren’t performing normally or your users need additional security training, call TeamLogic IT today.