The number of crypto jacking incidents rose by an astronomical 8,500 per cent in the final quarter of 2017, Symantec has revealed.
Hacking computers to surreptitiously siphon off processing power to mine for cryptocurrencies is on the rise according to Symantec.
Symantec’s security response team said:
“The barrier to entry for coin mining is pretty low – potentially only requiring a couple of lines of code to operate – and coin mining can allow criminals to fly under the radar in a way that is not possible with other types of cybercrime.
“Victims may not even realilse a coin miner is slurping their computer’s power as the only impact may be a slowdown of their device that they could easily attribute to something else.”
Out of all the hack attacks the company blocked last December alone, 24% were aimed at hijacking CPU power to mine the digital currencies such as Bitcoin and Monero.
Yaroslava Ryabova from Kaspersky Lab reports that cybercriminals have already raked in an amount higher than $7 million through coin mining script injections in just the last six months.
And as if that’s not enough, Ellon Musk’s Tesla company was also forced to address the issue as their Amazon cloud account was used by hackers for crypto mining.
How to Prevent Cryptojacking
Here are some actionable items to help you and your organization avoid Cryptojacking attacks:
- The most straightforward method to prevent coin mining is through installing browser extensions that block cryptojacking, such as No Coin.
- Don’t fall for phishing – While this won’t prevent the script-injection attacks that oftentimes infect computers and mobile devices with cryptomining scripts, it will help to prevent attacks that leave code on your system via social engineering.
- Keep web filtering tools updated – Make sure to maintain the most up-to-date versions of your web filtering tool possible. If you do happen to run across a page that is injecting cryptomining scripts, make sure that you report it immediately, and if you’re at a company or organization, make sure your co-workers are blocked from accessing it, too.
- Maintain your browser extensions – Sometimes attackers are able to use malicious browser extensions, or else they poison legitimate ones, in order to infect you. Stay on top of your extensions, look for any that seem to appear from out of nowhere and always check for updates.
What to do if you’ve been cryptojacked
Fortunately, fixing your cryptojacked machine is straightforward. For in-browser cryptomining scripts it’s as easy as closing the tab the script is running in. You may also want to block the malicious or compromised site that launched the script in the first place.
Additionally, you will probably want to purge your browser extensions and then re-install the latest versions of the ones you want to keep.