Cryptojacking


One thing that I’ve learned all these years are that people, people never change. Bad guy stay bad, the good stay good. It’s just the way they show their traits changes. From basic DDoSing to shoulder surfing a person, the techniques, thats what changes the most.

We had the time when people used to steal hashes (basically money) from online banks and carded it to themselves. But now, in a world where blockchain is taking over slowly, Bitcoin in the rise, thats what get the attention of the bad guys. As the cyberspace is becoming more entangled, new ways of attacking cyber entities are emerging.

Sometimes these are open attacks like exit scams or Bitcoin ransomware attacks while some are attacks like DDOS and specter meltdowns. These attacks will only increase with time as everything is going digital and we have to learn and evolve from them. On similar lines, attacks in the cryptocurrency space will also keep rising and will take a while before we become mature enough to handle them. It is so because this space is new and in its nascent stages. One such attack very few may have heard about is happening every now and then on our personal computers and laptops. This attack is too quiet for an average joe to know. This attack is called Cryptojacking.

Now Bitcoin is designed in such a way that integration of basic protocols with any language or library will enable you to use it. Bitcoin - Basically - is a encrypted currency which is transferred from one person to another. When the transaction is donne, it is not free, a small amount of BTC is kept as a transaction tax which is then awarded to the bitcoin miners. These miners have to solve a code/problem (through their computers) which, on solving that particular code/problem tax is awarded to them. That particular problem gets harder each time the it is solved, hence, requiring more time. Now time is a thing which people don't really have, so the miners came to a solution called 'Pool Mining'.

Pool mining is a process by which a transaction's code is solved by multiple computers at once, hence reducing the time to get the money. Now here's the part where bad people come in.

Cryptojacking is basically the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser. Either way, the crypto mining code then works in the background as unsuspecting victims use their computers normally. The only sign they might notice is slower performance or lags in execution which is totally for general people as we all se our phones hang at a point of time.

This computing power in the cryptocurrency realm is called ‘Hash power‘ which is used to make complicated and educated mathematical guesses to solve equations so that one can get the block reward of cryptocurrency mining. Read more about hashes in our detailed guide here. This form of hijacking happens only when you are browsing the internet and have landed on a website that is cryptojacking noob internet users. And the funny thing is, it even doesn’t require the user being attacked to download or click on anything. Instead, it just requires the user to browse the malicious website.

In the early days of crypto, it happened only if someone installed malicious softwares on their devices but now cryptojacking has evolved. It works by embedding a small JavaScript code in a website which then uses the processing power of the visiting device to mine CPU minable cryptocurrencies like Bytecoin, Monero etc. I know some of you might ask what difference does one user being cryptojacked make! Now imagine millions of users being cryptojacked. This will result in a significant hashing power which can then be used to mine cryptocurrencies.

There have been cases like a leading mobile manufacturer has embedded miner in the phones which is then send to millions where all the indivisual devices mine, we all notice that somtimes our data is being used without us doing anything. There are cases where a router manufacturer has embeded a miner in every router, imagine millions of routers using internet at once to mine,

Now I'm not saying that every one of you is being Cryptojacked, but what I'm trying to say is that it is growing, Exponentially. There are mobile companies which everyone us in day to day life which are in part of this practice, I would suggest you to research on your mobile companies, check your PC thoroughly, get devices from trusted companies. So, are you being crytojacked?