There aren't that many people who haven't heard about Bitcoin in 2018 after the prices for a single piece of the cryptocurrency reached levels of more than $18,000 in the final months of last year. With this popularity, however, mining for it and other cryptocurrencies have become harder, requiring even more resources.
Mining for cryptocurrencies might not be as physically intensive as the name of the activity suggests, but it takes its toll on the hardware and software of whatever system is engaged in it. It is so demanding that it has become almost impossible to turn a profit if you don't invest heavily in the machines that are going to be used to do the heavy lifting. As human nature dictates, there will be those that want to reap the fruits of the labor, without putting in any actual work.
This Week In Malware Ep 13: Glupteba Cryptojacking Malware Becomes Unstoppable
The way this works is by using someone else's computer to do all the mining. The initial method that threat actors used to hijack your system was through a malware infection that would launch a cryptomining application in the background. However, the application could be quickly picked up by antivirus software, so cybercrooks adapted, opting to use the web browser platform instead. It also makes the whole process easier and faster for them, as it is way simpler to hack a website and wait for the victims to come to you than it is to wait for thousands of people to install your malware.
How does cryptojacking affect businesses?
Everyone knows that productivity is essential for a successful business. That's why companies spend a good amount of money to make sure their IT infrastructure is optimized and running at high speeds. Speed, however, becomes an issue when you become a victim of cryptojacking, as its first sign is performance degradation of your system or network. Cryptojacking can severely cripple your business, no matter if 20, or 200, or even 2,000 people are working slower than they should be. And this is how cryptojackers effectively steal from you.
Cybercrooks might not be directly attacking your bank account, but they are stealing your time and electricity. According to a recent study, 15,000 hacked devices that are mining together can make $1,000 worth of cryptocurrency over the course of just four days.
What steps can you take do to protect your business?
The first thing that you can do when affected by a browser-based threat is to clean up your browser histories. This might be a little tougher in a business setting, as it requires some coordination. Purging browser extensions that are no longer being used is also essential when making sure your browser isn't used as an infiltration point by cybercrooks. You should also try and have any browser pages that are not being actively used.
Scanning for viruses is another thing that should be done if you suspect that your system has fallen victim to malware. Before scanning, however, you should make sure that your antivirus program is updated. Keeping things patched is just another step that you can take to protect your working environment. You should mainly focus on keeping Windows and third-party applications up to date, especially web browsers, to keep vulnerabilities that can be exploited to a minimum.
Last but not least, you should know with whom you are communicating. Considering the fact that cryptominers often manage to deposit their malicious code on trusted web pages, it's sometimes hard to avoid getting infected with a cryptojacking code. You should start by implementing a browser ad-blocking solution. The most popular ones can be turned on and off with a couple of clicks, so users of your business network shouldn't be too unhappy about using them, especially with the promise of better security. You can also use a network monitoring solution and add URL filtering for more control and visibility of your system's interactions.