When one of our devices gets hacked, we all go straight to the typical image: a criminal wants to infect our computer or mobile so that they can steal our data, our documentation, or even our money. Ultimately, itâs about using this security breach to gain some kind of direct benefit.
Practices like this, however, are evolving; these days our companyâs cybersecurity, as well as our own, are vulnerable to people who, one way or another, want us to âwork for themâ. This is exactly what happens with cryptojacking.
What is cryptojacking?
Broadly speaking, cryptojacking is when our computer or smartphone is used without our authorization, not necessarily to steal our data, but so that thieves can mine cryptocurrencies without using their own resources, but instead use ours to do so.
Mining for cryptocurrencies is an ever more complex task that consumes more and more energy resources and computing power. This is exactly why hackers have found a way to make it easier: they get onto other peopleâs computers and put them to work trawling the web, consuming these computersâ resources to mine cryptocurrencies.
Itâs what happened recently at a European bank, where they realized their computer equipment was consuming an unusual amount of resources at nighttime. After an investigation, they found out that their computers were being used to mine cryptocurrencies: an obvious breach of the companyâs cybersecurity.  Something very similar happened at GitHub, the platform recently acquired by Microsoft, which was also being used for cryptojacking.
How can cryptojacking make its way onto your computer?
There are several possible ways that cryptojacking can end up flooding your devices, but the most common are the following:
1.- Malware. At any moment â be it receiving an email, installing an application, activating some hidden software⊠â a cybercriminal can install malware on your computer that is capable of taking over the device, making CPU usage soar, and starting to mine cryptocurrencies, without you ever finding out.
2.- Websites and browsers This practice is becoming more and more common: certain websites take advantage of their usersâ Internet connections without telling them, putting them to work mining cryptocurrencies, thus tricking these users into allowing third parties to use their computers.
How does cryptojacking affect your company?
The biggest threat posed by cryptojacking isnât to your personal computer, but at work; if it ends up inundating your companyâs computers, it can cause a variety of problems:
1.- Consumption of resources. Believe us when we say that, sooner rather than later, your company will notice the incredible increase in your energy bill, since cryptojacking will tap into every last computer, and use them as often it can.
2.- Technical problems. The vast majority of computers in the world arenât technologically up to the task of mining cryptocurrencies. If cryptojacking malware makes its way onto your IT system, it wonât be long before your company starts to lose money on tech support, or even on buying new computers.
3.- Your companyâs cybersecurity. Stealing data might not be among the cryptojackersâ top priorities, but the fact that these cybercriminals are able to get onto your computers means that there is a serious cybersecurity problem at your company.
How to avoid cryptojacking in your company
If youâre worried that cryptojacking could take over your company, weâve provided some tips on how to avoid it:
1.- Analyze your resources. All operating systems have some kind of tool similar to System Monitor that analyzes the resources that are being consumed by your companyâs computers at all times. Keep track of this to make sure there is no unusual activity.
2.- Processor overheating. Sometimes you wonât even have to resort to System Monitor: if you notice that a computer is suddenly malfunctioning or its processor is overheating, you may well have a problem of this type.
3.- Careful with your browser. If you suspect that cryptojacking is getting in via websites, install plugins to block these sites on your browser. You can also check what websites are using this practice on Whoisminning.
4.- Protect your companyâs cybersecurity Your companyâs cybersecurity is vital. To look after it, you can rely on Panda Adaptive Defense, Panda Securityâs cybersecurity suite, which will protect you from possible breaches. Our advanced cybersecurity solution gives you a full, detailed view of the activity on all endpoints, and allows you to control all running processes.
2 comments
Iâm having trouble installing Global Protection on my computer.
Hello Kevin,
Please contact suport on the following link: https://www.pandasecurity.com/support/#homeusers
Our colleagues will be able to help you.
Kind regards,
Panda Security.