Just as the personal computer brought about totally new kinds of crime, so has the world of blockchains and cryptocurrencies. The game, however, has evolved from phishing for passwords and sensitive banking information to, quite bizarrely, gaining access to your devices to hijack your computing power. Yup, not your credit cards information or identity, just your computing power. Why? To mine cryptocurrency withal!
If your system has been a bit sluggish or your mobile device’s power unit seems to be sprinting to the finish line lately, it may be that you may have picked up a hitchhiker on a recent stroll through the interwebs and said hitchhiker (crypto mining script) is surreptitiously syphoning processing power to enrich a hacker. All you get out of the deal is a fried motherboard.
How did this miningware get on your device? Well, there are a number of ways it could have landed there. Could have picked up while visiting a dodgy site and embedded itself into your browser, it may have stowed away on a picture or app you downloaded, or you may have clicked a harmless-enough looking link on an email. Either way, it’s there. Now the million ETH question is how do you ID it, and keep it from hijacking your processing power.
Hackers can hijack websites to mine digital currencies that don’t require much computing power like Monero and Electronem by using a hacked version of the popular browser plugin Coinhive. What they do is embed their own code in the mining plugin and then attach it to websites and the modified plugin goes to work hiding in the browsers of visitors mines crypto without user permission.
The Coinhive team has identified the problem and blocked offending accounts but hackers can still break the Coinhive code up and attach the mining part of it to another program and the show goes on for hackers.
You can see if your browser is taking up more CPU activity than it should this way:
Windows: right-click taskbar>select Task Manager> Open Performance tab>
MacOS: open Activity Monitor by searching for it with Spotlight (Command + Spacebar) or by going to Applications > Utilities > Activity Monitor. Once open, hit the CPU tab. Total CPU usage in MacOS is the sum of system and user usages.
Average usage is usually about 20% when casually browsing the net. If it’s significantly higher then you’re likely in the mining business. If you close the browser and CPU usage remains high then that may mean the little bugger has a pop-under running on your system and keeping it active. A pop-under will be hard to get to as it’s sized to fit behind the clock in the windows taskbar. You’ll have PC use Task Manager to totally quit the browser.
You will need to practice the same precautionary measures employ against malware here. Scrutinize unsolicited mail, or images sent to you that you didn’t ask for. Don’t install software unless you’re sure it’s legit and be careful with flash drives that aren’t yours. Also, make sure your antivirus is updated. Cryptojacking as this particular cybercrime is called could cost you an arm and a leg in electricity bills.
The processing power of mobile devices is so little that anyone hijacking your phone to mine crypto won’t really make anything significant. However, if the cryptojacker makes a move insinuates his software onto millions of devices through the methods mentioned above or embeds it in a seemingly innocuous app then he stands to coin it. The Satoshis pile up, so to speak (they won’t be mining Bitcoin this way, you need specialised hardware for that.”
The app may not require any unusual permission but it’s still a good idea to check the permissions required before you continue to install it. You’ll know your device is doing more work than it should be if the battery seems to be running hotter than usual. This will severely reduce your battery life so uninstalling apps that seem to tax your phone or tablet’s processor more than they should. If the mining code found it’s way onto your device by hitchhiking on a media file or a link then an antivirus could be your best option. Avira’s mobile antivirus has been proven to identify miningware.
Cryptocurrency mining have become a way for people to accumulate a lot of wealth rapidly, perfect ground for greed to take root. The catch is that it’s expensive. The equipment, though pricey, is actually the smallest cost attached to the activity. Power consumption is where you’ll incur your biggest costs. What cryptojackers do is commandeer the processing power of a multitude of different devices and save on costs at other people’s expense. It’s like getting the milk without having to buy the cow.