Cryptojackers are hacking websites to mine cryptocurrencies

Hackers have a new trick up their sleeves: hijacking computers to generate digital coins.As bitcoin and other ...

Posted: Feb 22, 2018 4:43 PM
Updated: Feb 22, 2018 4:43 PM

Hackers have a new trick up their sleeves: hijacking computers to generate digital coins.

As bitcoin and other cryptocurrency prices soar, "cryptojacking" attackers surreptitiously take over web browsers, phones and servers to make some serious profit.

"Every avenue out there is being exploited on any kind of machine," said Jerome Segura, lead malware analyst at security firm Malwarebytes. "Consumer computers, servers, research centers - it has no bounds. We forecast it to be the biggest threat in 2018."

Cryptocurrencies, like bitcoin and Monero, are created by using computing energy to solve complex math problems. When a problem is solved, a new piece of currency is made. This is called mining. Currencies can be mined legitimately, but criminals are increasingly turning to malevolent mining activities.

In September 2017, Malwarebytes began tracking a major uptick in malicious cryptomining and it has become the company's most commonly detected activity.

In the last month alone, cryptojacking campaigns have hit websites belonging to governments, critical infrastructure and even YouTube.

It can affect business infrastructure, too. On Tuesday, researchers at security firm RedLock said Tesla's cloud storage - a place for storing data separate from physical Tesla servers - was recently breached to mine cryptocurrency.

A spokesperson for the car manufacturer said there was no indication customer privacy or vehicle safety or security was compromised.

But businesses should be on alert: RedLock's Upa Campbell, vice president of marketing, said it's easier for hackers to try making money by secretly mining cryptocurrencies than stealing and selling corporate data.

"Cybercriminals will always take the path of least resistance," Campbell said.

How it works

Hackers don't have to target individual phones or computers -- they can compromise websites and hijack thousands of devices at a time.

Last week, a cryptojacking campaign impacted almost 5,000 websites, including a number of UK and US government pages, through a flaw in a third-party application. Hackers exploited the flaw to mine currency using something called Coinhive.

Coinhive offers legitimate browser-based software tools for businesses to turn their websites' visitors into cryptominers. But some people have taken advantage of the project and now use its software for nefarious purposes. The company launched in September, and websites including Politifact.com and Showtime were unknowingly infected with Coinhive miners last year. Researchers also recently found Coinhive code hidden in Android apps.

Security researcher Scott Helme discovered the massive cryptojacking scheme a few hours after it launched and told CNN it's likely the hackers secretly inserted the malicious code during the weekend, a slow time for government websites, in hopes it stayed there for a long time. Coinhive reportedly said hackers made just 0.1 Monero, or $24, while the attack was active.

Bitcoin mining is energy-intensive. In fact, some researchers are concerned about its impact on the environment. In both cryptojacking and legitimate mining schemes, people usually prefer to mine Monero, a lesser-known cryptocurrency that does not require as much power to generate.

Not all cryptomining is malicious. For example, digital publishers think it may be a way to make money outside of advertising. Politics and culture publication Salon is currently experimenting with cryptomining, and alerts readers before hijacking their computer's power to generate currency.

How to stop it

"For the end user, there's not much you can do to protect yourself from cryptojacking beyond using anti-virus software or an ad blocker in your browser," Helme said.

If a website is mining currency with your computer, you can close the page to stop the activity. Browser extensions like NoCoin can also be used to block Coinhive and other cryptocurrency miners.

It's possible to analyze how much computing power your browser uses by looking at the Activity Monitor on Macs or the Resource Monitor on Windows computers. These are built-in tools that let you see which applications, like the Chrome or Safari browsers, use the most energy. A graph at the bottom of the monitor will show large spikes in computing power when you visit a website running a cryptominer.

But that might be too complicated. Instead, if you hear your computer's fan start whirring when you're visiting a website, or if the browser suddenly slows down dramatically, a cryptominer may be running.

Although the impact to consumers is low, Helme said it's important to be aware of these attacks and stop them if you can.

"The bottom line here is your device is being used to make money for a criminal gang," he said. "We don't know who these people are or what their intentions are. They could use it to fuel future criminal activities."

Indiana Coronavirus Cases

Data is updated nightly.

Confirmed Cases: 49063

Reported Deaths: 2732
CountyConfirmedDeaths
Marion11760689
Lake5276246
Elkhart340255
Allen2835133
St. Joseph200169
Cass16429
Hamilton1608101
Hendricks1425100
Johnson1296118
Porter76738
Tippecanoe7359
Clark66844
Madison66764
Bartholomew59145
Vanderburgh5876
LaPorte58326
Howard58058
Kosciusko5624
Marshall5016
Noble48528
LaGrange4779
Jackson4733
Boone45443
Delaware45252
Hancock45236
Shelby43125
Floyd38444
Morgan32731
Monroe30928
Montgomery29720
Grant29626
Clinton2902
Dubois2886
Henry28216
White26610
Decatur25432
Lawrence24825
Dearborn23823
Vigo2388
Warrick22729
Harrison21622
Greene19032
Miami1862
Jennings17712
Putnam1708
DeKalb1634
Scott1628
Daviess14817
Wayne1436
Orange13623
Perry1359
Steuben1302
Franklin1268
Ripley1247
Jasper1232
Wabash1142
Carroll1102
Fayette1037
Newton9910
Gibson982
Whitley975
Starke943
Randolph804
Huntington782
Jefferson762
Wells751
Fulton721
Jay680
Washington671
Pulaski661
Knox640
Clay604
Rush583
Owen501
Adams491
Benton480
Posey450
Sullivan451
Spencer441
Brown421
Blackford392
Crawford320
Fountain322
Tipton311
Switzerland280
Parke240
Martin220
Ohio180
Vermillion140
Warren141
Union130
Pike110
Unassigned0193

Ohio Coronavirus Cases

Data is updated nightly.

Confirmed Cases: 60181

Reported Deaths: 2991
CountyConfirmedDeaths
Franklin10879439
Cuyahoga8277383
Hamilton6287206
Lucas2836303
Marion273639
Summit2241207
Pickaway220541
Montgomery220131
Mahoning1861239
Butler167447
Columbiana130960
Stark1156113
Lorain106468
Trumbull99774
Warren89525
Clark7809
Delaware61715
Fairfield60517
Tuscarawas58510
Belmont55522
Medina54332
Lake52920
Licking52012
Miami47531
Portage46159
Wood45251
Ashtabula43744
Clermont4317
Geauga41443
Wayne36552
Richland3515
Allen32841
Mercer2909
Greene2879
Darke25326
Erie25022
Holmes2453
Huron2282
Madison2029
Ottawa16024
Washington14020
Sandusky13814
Crawford1365
Putnam13215
Ross1323
Coshocton1302
Hardin12312
Morrow1181
Auglaize1074
Jefferson922
Union921
Monroe8917
Muskingum891
Hancock831
Preble801
Athens791
Hocking798
Guernsey763
Lawrence740
Williams722
Shelby704
Clinton680
Logan651
Fulton630
Ashland621
Carroll603
Wyandot605
Brown591
Scioto540
Defiance533
Knox531
Fayette480
Highland461
Champaign441
Van Wert420
Perry371
Seneca352
Henry320
Jackson260
Paulding260
Adams241
Pike240
Vinton222
Gallia201
Harrison121
Meigs120
Morgan110
Noble110
Unassigned00
Fort Wayne
Broken Clouds
81° wxIcon
Hi: 92° Lo: 72°
Feels Like: 85°
Angola
Broken Clouds
75° wxIcon
Hi: 90° Lo: 72°
Feels Like: 75°
Huntington
Few Clouds
78° wxIcon
Hi: 90° Lo: 72°
Feels Like: 80°
Decatur
Clear
73° wxIcon
Hi: 91° Lo: 72°
Feels Like: 73°
Van Wert
Clear
73° wxIcon
Hi: 92° Lo: 72°
Feels Like: 73°
AM Storms, Slightly Cooler Friday
WFFT Radar
WFFT Temperatures
WFFT National

Community Events