The latest has been thrust into the spotlight this month. Crypto-jacking, also often referred to as drive-by mining, is becoming more prevalent. It is the process whereby hackers and websites host sections of code that have the cyber security threat ability to hijack your computer power towards mining cryptocurrency for the perpetrators gain. The hackers insert snippets of code into operation on a website visitors’ PC without their consent. This can lead further to security breaches and considerably affects the use of computer resources. For example, systems can freeze, personal data can be lost, work can be lost, gaps can be created that other hackers can exploit — all of which can negatively impact individual security and productivity. What’s the Motivation? Cryptocurrencies are mined by applying computer power towards solving complex mathematical puzzles. Crypto-jacking seeks to profit by harnessing the computer power of everyday PCs attached to the internet for their own gain. The more computer power the crypto-jacker can access the more cryptocurrency they are collecting through mining. Targeting of High Volume Sites This type of crypto-jacking code has been found in some websites which attract high volumes of visitors each day — such as that of major US TV production company — which was flagged and removed in September. CBS Showtime Hackers are suspected of planting crypto-jacking code on the extremely popular websites, then accessing visitor machines to generate virtual currency. In addition, the drive-by mining software was found on the official website of global football superstar . Crypto-jackers specifically target these high-volume sites to gain access to masses of individual site visitors’ computer power and resources. Cristiano Ronaldo . Source: https://go.malwarebytes.com Findings Published October 2017 Bitcoin: A Targeted Approach As part of the ongoing development efforts of the Bitcoin team they have implemented a system whereby Bitcoin requires customized chips and specific bespoke hardware to mine for the largest cryptocurrency by market capitalisation — this circumvents the internet to PC based crypto-jacking approach. However, other cryptocurrencies have not been designed in the same way — exposing them to a higher degree of risk. Monero The Monero cryptocurrency has played a role in the recent growth of crypto-jacking. Launched officially in 2014 this cryptocurrency has been specifically designed to be mined on individual PCs. These tools can be easily added into websites and feed through into unsuspecting visitors’ computers to carry out crypto-mining. A number of off-the-shelf Monero mining tools have been put into circulation — examples include Coinhive and JSEcoin. Coinhive In September of this year, cybersecurity investigators and researchers announced that they have found thousands of examples of video-streaming and file-sharing websites hosting . The majority of these sites do so unbeknownst to the site visitor. crypto-mining software like Coinhive Risk Management After releasing these findings, Coinhive created a new version that offers an opt-in button to optionally grant the miner their consent. However, there are suspected to be many other versions of this type of crypto-jacking software in use and as a preventative measure internet users can download a “ specifically designed to prevent code being inserted into their PCs. Examples include . In addition, newer antivirus software packages are starting to include built in blockers to this threat. blocker” browser extension minerBlock and No Coin : Investing involves a high degree of risk.*IQ Option is a brokerage company and does not provide OTN tokens to clients. All tokens are provided by the OTN foundation. The OTN foundation confirms that it does not sell OTN tokens and that the activity is non- commercial. Warning : Source 1. https://gwillem.gitlab.io/ 2. https://arstechnica.com/
