In our last post, we talked about the hot topic of cryptocurrency and how to better protect your investments. This week we will continue the cryptocurrency topic and take a closer look at one type of attack – cryptojacking (what it is and why it is becoming so popular).
To understand the concept of cryptojacking, we first must address how it’s possible. Cryptocurrencies such as the popular Bitcoin and Ethereum are not created by a central bank like regular money, but are instead created or mined by distributed computing resources solving complex equations. This means a big cost of mining new coins is electricity. As such, cryptojacking has become popular to avoid this issue and involves passing the electricity cost off of mining to an unsuspecting user. It works by slipping a mining component without the knowledge of users on to devices or websites and harvesting power off of those to steal cryptocurrency digital cash.
What are the methods?
The most popular methods to carry out a cryptojacking attack include in-browser cryptojacking where a JavaScript code lives in the browser. When a user visits a page where the JavaScript code is already embedded, it is then activated in the background and consuming resources without the user knowing; The other is server access to install a attack. This is where an attacker finds and exploits an existing vulnerability and deploys a full-scale cryptocurrency miner on a system.
Why Is This a Cybersecurity Risk?
What makes cryptojacking so tricky is that you’re paying for electricity and stress on your hardware without realizing it, without approving it. Because it’s clandestine, you don’t know whether cryptojacking stops when you leave the website or whether they’ve placed a cookie that will carry on once you’ve navigated away.
While there is no immediate way to tell if a website page you are using or device has a hidden mining component on it, there are some ad blockers and website plugins coming out. However, if you want to keep yourself fully protected, the best way to prevent it at the moment is pulling the plug on your network and turning off your computer. The risk is yours!
Today was the last BOHH Breakdown, but not the last blog. We will continue our blogging on a weekly basis and will have a diverse set of thought pieces coming from our team of experts. Thank you for coming back each week to read our BOHH Breakdown and we look forward to continuing to deliver interesting thought pieces for our readers.
No comments:
Post a Comment