A New Form of Malware Slowing Down Machines
With the growth of digital currencies and online transactions, cryptocurrency has become an everyday topic. Cryptocurrency is a virtual form of currency that operates on a decentralized network called the blockchain. Crypto mining is the process used to create new currencies by using computer processing power to solve complex math equations to add more coins to the blockchain. This process is legal, though controversial because of how difficult it is to provide all the processing power and infrastructure it requires.
Crypto Jacking is a cyber-attack where threat actors install malicious software onto computers, smartphones, or servers to steal processing power to mine for crypto, unbeknownst to the owner. Once the user of the system clicks on the malicious software, it is downloaded without their knowledge and the crypto mining begins. This process can be expensive for affected users as it can result in reduced processing power, slower loading times, higher electric bills, and higher cloud service provider (CSP) bills.
Forms of Attack
Attackers can use a variety of tactics to successfully perform crypto jacking attempts. These can include, but are not limited to:
- Phishing Links: Some threat actors will send phishing emails to targets while posing as a ‘trusted source’ through social engineering tactics or spoofed email addresses. These emails will usually have attachments with hidden malware installed on them that will deploy once a link is clicked. It’s important to review all unknown or external emails with caution. If you suspect that an email is malicious, contains malware, or is not from a trusted source, do not interact with the email.
- Malvertising: Many times, cyber criminals will utilize online ad space to lure victims into being infected. By purchasing legitimate online advertising space, malicious actors can create the appearance of a trustworthy advertisement, while concealing harmful code embedded within it. In the case of crypto jacking, cyber criminals will load the ad with harmful JavaScript code that runs directly in the user’s browser. This code silently uses the device’s processing power through the CPU or GPU to mine cryptocurrency for the attacker. Other forms of malvertising can inflict further harm on your system by deploying malware, installing packet sniffers, or even delivering ransomware.
Preventing Crypto Jacking
- Avoid Visiting Unsecure or Suspicious Sites. Many times, crypto jackers will create fake websites that have stolen content (movies, images, videos) to attract users to their page. Interacting with these websites can expose your system to many forms of malware, including cryptojacking code. It is best practice to interact with known secure websites and ensure that your anti-malware software is active.
- Do Not Interact with Malicious Ads. Spam ads can be loaded with cryptojacking code which can automatically be downloaded into your files with a simple click.
- Do Not Interact with Phishing Links. Threat actors will use phishing attempts to trick users into clicking on malicious links and downloading malware to their systems.
- Install Ad Blockers. Many of the techniques used by crypto jackers heavily involve the use of malicious ads. Downloading a safe ad blocker and deploying it on your browser can create a perimeter defense that prevents many forms of this attack from being possible.
- Regularly Update Your Antivirus. Antivirus and anti-malware software can help detect and block crypto jacking attempts. Regularly updating this software allows you to be equipped with the latest protections against newer threats.
The Cost of Ignoring Crypto Jacking
While the idea of slower processing times could be viewed as a subtle inconvenience, there are more costs than just the siphoning of speed. Cyber criminals must have malware running on the user’s computer to successfully mine for crypto. Criminals may embed more dangerous capabilities within their code, potentially enabling activities such as data sniffing—which compromises user privacy—or launching further attacks, including the deployment of ransomware. If you believe that your computer is being crypto jacked, follow the proper steps to resolve and end the attack.
I Think I May Be a Victim of Crypto Jacking. What Should I Do?
1. Disconnect from the internet and Wi-Fi.
2. Monitor your CPU Usage. If your device is running with all or most of its processing power without engaging in resource-intensive applications, this could be a sign of cryptojacking.
3. Have an IT professional check for suspicious software (remote access) and scan the computer for malware.
Note: Do not wipe the computer unless directed by the IT professional.
4. Reset credentials on a secondary device.
5. Keep track of data and accounts that may have been compromised.
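As an added illustration of step 2 (not part of the original article), the Python example below flags processes whose CPU use stays high across several consecutive readings and that are not among the applications you expect to be busy. The sample readings, process names, threshold and list of expected applications are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample readings: (seconds since start, pid, process name, CPU % of machine).
SAMPLES = [
    (0, 410, "browser", 12.0), (0, 977, "updater-svc", 91.0), (0, 650, "video-editor", 88.0),
    (30, 410, "browser", 55.0), (30, 977, "updater-svc", 93.5), (30, 650, "video-editor", 20.0),
    (60, 410, "browser", 9.0), (60, 977, "updater-svc", 92.0), (60, 650, "video-editor", 85.0),
    (90, 410, "browser", 14.0), (90, 977, "updater-svc", 94.0), (90, 650, "video-editor", 90.0),
]

# Assumption: applications the user knows are resource-intensive and expects to be busy.
EXPECTED_HEAVY = {"video-editor"}

def sustained_high_cpu(samples, threshold=80.0, min_consecutive=3, expected=EXPECTED_HEAVY):
    """Return processes at or above `threshold` for at least `min_consecutive`
    readings in a row, skipping applications listed in `expected`."""
    by_proc = defaultdict(list)
    for ts, pid, name, cpu in sorted(samples):
        by_proc[(pid, name)].append((ts, cpu))

    findings = []
    for (pid, name), series in by_proc.items():
        if name in expected:
            continue  # a process name alone is weak evidence; this is triage, not proof
        run = best = 0
        run_start = best_start = None
        for ts, cpu in series:
            if cpu >= threshold:
                if run == 0:
                    run_start = ts  # first reading of a new high-CPU streak
                run += 1
                if run > best:
                    best, best_start = run, run_start
            else:
                run = 0  # streak broken by a normal reading
        if best >= min_consecutive:
            findings.append({"pid": pid, "name": name, "samples": best, "since": best_start})
    return sorted(findings, key=lambda f: f["pid"])

if __name__ == "__main__":
    for f in sustained_high_cpu(SAMPLES):
        print(f"review pid {f['pid']} ({f['name']}): "
              f"high CPU for {f['samples']} readings since t={f['since']}s")
```

A short burst, such as the browser's single 55% reading, is not flagged; only a streak that persists without an expected heavy application behind it is surfaced for the IT professional to review.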
Notes:
This material is for general information only and is not intended to provide specific advice or recommendations for any individual. This material was prepared by LPL Financial, LLC.
Tracking #767525
Exp 07/2027