What is Cryptojacking???
Cryptojacking is defined as the secret use of your computing device to mine cryptocurrency. Which means an attacker uses you computing device and computing power to mine cryptocurrency without seeking prior permission from you. An attacker do this by hijacking your device. So this attack method is called as cryptojacking.
How it works?
Normally cryptojacking happens when you browsing the Internet and have landed on a website that is cryptojacking noob Internet users.
And the funny thing is, it even doesn’t require the user being attacked
to download or click on anything (not all times). Instead, it just requires the user to
browse the malicious website.
And the other method is to inject a script on a website or an ad that is delivered to multiple websites. Once victims visit the website or the infected ad pops up in their browsers, the script automatically executes. No code is stored on the victims’ computers. Whichever method is used, the code runs complex mathematical problems on the victims’ computers and sends the results to a server that the hacker controls.
Cryptojacking Methods
- Facexworm : Malicious chrome extension
- WinstarNssmMiner : Scorched earth policy
- Exploiting an rTorrent vulnerability
- Serving cryptominers through Github
Ways to protect yourself
It is still not clear whether cryptojacking is legal or illegal, but it
surely is unethical as noob Internet users are being robbed of their
resources without any incentive.
1. Turning off your JavaScript in the browser.
2. Use endpoint protection that is capable of detecting known cryptominers.
3. Maintain browser extensions.
4. Install an ad-blocking or anti-cryptomining extension on web browsers (my recommendation).
5. Keep your web filtering tools up to date.
6. Use a mobile device management (MDM) solution to better control what’s on users’ devices.
No comments:
Post a Comment